Submitted URL: http://www.manta.com/c/mx5m8pq/maid-vip
Effective URL: https://www.manta.com/c/mx5m8pq/maid-vip
Submission: On October 23 via manual from DE — Scanned from DE

Summary

This website contacted 75 IPs in 13 countries across 68 domains to perform 286 HTTP transactions. The main IP is 2606:4700::6813:d184, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.manta.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2021. Valid for: a year.
This is the only time www.manta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700::68... 13335 (CLOUDFLAR...)
14 18.66.122.59 16509 (AMAZON-02)
8 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.222.214.88 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 28 151.101.65.44 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
13 2600:9000:223... 16509 (AMAZON-02)
1 142.250.184.198 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 172.217.23.98 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 159.65.233.166 14061 (DIGITALOC...)
5 104.111.247.126 16625 (AKAMAI-AS)
1 34.232.140.51 14618 (AMAZON-AES)
1 18.66.97.37 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
5 34.224.118.226 14618 (AMAZON-AES)
1 3 13.32.121.17 16509 (AMAZON-02)
1 130.211.23.194 15169 (GOOGLE)
1 52.222.236.74 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.112.30 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.111.219.144 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
9 141.226.228.48 200478 (TABOOLA-AS)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 52.202.69.186 14618 (AMAZON-AES)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 7 76.223.111.131 16509 (AMAZON-02)
3 2600:1f18:612... 14618 (AMAZON-AES)
4 4 185.94.180.126 35220 (SPOTX-AMS)
3 6 18.196.176.125 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2.18.235.40 16625 (AKAMAI-AS)
3 3 2.19.35.65 16625 (AKAMAI-AS)
6 104.109.78.125 16625 (AKAMAI-AS)
1 34.246.74.180 16509 (AMAZON-02)
12 2.18.233.180 16625 (AKAMAI-AS)
12 2.18.234.233 16625 (AKAMAI-AS)
3 69.173.144.139 26667 (RUBICONPR...)
2 6 2.18.234.21 16625 (AKAMAI-AS)
1 3 34.98.64.218 15169 (GOOGLE)
4 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 198.47.127.19 3257 (GTT-BACKB...)
1 52.222.214.38 16509 (AMAZON-02)
4 52.222.210.175 16509 (AMAZON-02)
3 4 37.157.3.30 198622 (ADFORM)
2 2 213.155.156.185 1299 (TWELVE99 ...)
17 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 3 52.30.222.33 16509 (AMAZON-02)
6 6 142.250.185.226 15169 (GOOGLE)
3 3 213.19.147.45 26120 (RHYTHMONE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 188.165.137.78 16276 (OVH)
1 72.251.241.204 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 185.29.132.245 30419 (MEDIAMATH...)
2 198.47.127.20 3257 (GTT-BACKB...)
1 2 51.222.80.231 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
1 159.253.128.188 36351 (SOFTLAYER)
2 2 185.33.220.241 29990 (ASN-APPNEX)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
2 2 151.101.2.49 54113 (FASTLY)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 2 185.33.221.11 29990 (ASN-APPNEX)
1 52.48.175.241 16509 (AMAZON-02)
1 2 209.54.178.82 16509 (AMAZON-02)
1 54.171.219.200 16509 (AMAZON-02)
1 18.66.112.81 16509 (AMAZON-02)
2 185.64.190.75 62713 (AS-PUBMATIC)
1 141.226.224.32 200478 (TABOOLA-AS)
1 64.233.167.156 15169 (GOOGLE)
286 75
Apex Domain
Subdomains
Transfer
38 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
am-trc-events.taboola.com
vidstat.taboola.com
imprammp.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
match.taboola.com
sync.taboola.com
pips.taboola.com
cds.taboola.com
515 KB
35 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com Failed
image8.pubmatic.com Failed
173 KB
18 doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net Failed
bid.g.doubleclick.net
250 KB
17 google.com
www.google.com
fundingchoicesmessages.google.com
adservice.google.com
128 KB
17 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
269 KB
16 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
288 KB
15 manta-r3.com
cc3.manta-r3.com
images.manta-r3.com
335 KB
13 intergi.com
cdn.intergi.com
220 KB
12 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
32 KB
8 consensu.org
cdn.conversant.mgr.consensu.org
api.conversant.mgr.consensu.org
189 KB
8 intergient.com
cdn.intergient.com
150 KB
7 adsrvr.org
match.adsrvr.org
2 KB
7 google-analytics.com
www.google-analytics.com
56 KB
7 manta.com
www.manta.com
go2.manta.com
39 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
41 KB
6 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
7 KB
6 bidswitch.net
x.bidswitch.net
3 KB
6 urlbi.com
widget.consent.urlbi.com
urlbi.com
110 KB
4 adnxs.com
ib.adnxs.com
secure.adnxs.com
3 KB
4 adform.net
c1.adform.net
2 KB
4 spotxchange.com
sync.search.spotxchange.com
3 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
67 KB
3 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
2 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 openx.net
taboola-d.openx.net
923 B
3 tremorhub.com
taboola-supply-partners.tremorhub.com
547 B
3 google.de
adservice.google.de
www.google.de
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
64 KB
3 googleapis.com
fonts.googleapis.com
2 KB
2 sitescout.com
pixel-sync.sitescout.com
636 B
2 everesttech.net
sync-tm.everesttech.net
744 B
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 mathtag.com
sync.mathtag.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 moatads.com
z.moatads.com
mb.moatads.com
75 KB
2 pardot.com
pi.pardot.com
4 KB
2 dotomi.com
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
687 B
2 fastclick.net
secure.cdn.fastclick.net
19 KB
2 googletagservices.com
www.googletagservices.com
64 KB
2 btloader.com
btloader.com
api.btloader.com
9 KB
1 privacymanager.io
geo.privacymanager.io
596 B
1 demdex.net
dpm.demdex.net
1 gumgum.com
rtb.gumgum.com
238 B
1 playground.xyz
ads.playground.xyz
484 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 clientgear.com
event.clientgear.com
263 B
1 quantserve.com
pixel.quantserve.com
542 B
1 simpli.fi
um.simpli.fi
612 B
1 deepintent.com
match.deepintent.com
44 B
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
326 B
1 ad4m.at
ad4m.at
915 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
334 B
1 rlcdn.com
ats.rlcdn.com
57 KB
1 playwire.com
config.playwire.com
6 KB
1 googleadservices.com
partner.googleadservices.com
405 B
1 crsspxl.com
tag.crsspxl.com
106 B
1 ad-delivery.net
ad-delivery.net
1003 B
1 googletagmanager.com
www.googletagmanager.com
56 KB
0 brand-display.com Failed
dmp.brand-display.com Failed
0 loopme.me Failed
csync.loopme.me Failed
286 68
Domain Requested by
14 cc3.manta-r3.com www.manta.com
cc3.manta-r3.com
13 cdn.intergi.com www.manta.com
cdn.intergient.com
cdn.intergi.com
12 ads.stickyadstv.com vidstat.taboola.com
cdn.stickyadstv.com
12 fundingchoicesmessages.google.com www.manta.com
12 cdn.taboola.com www.manta.com
cdn.taboola.com
10 simage2.pubmatic.com ads.pubmatic.com
10 pagead2.googlesyndication.com www.manta.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 cdn.intergient.com www.manta.com
cdn.intergient.com
7 image2.pubmatic.com ads.pubmatic.com
7 match.adsrvr.org 3 redirects imprammp.taboola.com
am-match.taboola.com
ssum.casalemedia.com
7 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.manta.com
6 ads.pubmatic.com www.manta.com
ads.pubmatic.com
6 cm.g.doubleclick.net
6 eus.rubiconproject.com imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
6 x.bidswitch.net 3 redirects imprammp.taboola.com
am-match.taboola.com
6 www.manta.com 1 redirects www.manta.com
cc3.manta-r3.com
5 urlbi.com www.googletagmanager.com
www.manta.com
urlbi.com
5 cdn.conversant.mgr.consensu.org www.googletagmanager.com
secure.cdn.fastclick.net
cdn.conversant.mgr.consensu.org
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 c.amazon-adsystem.com cdn.intergi.com
c.amazon-adsystem.com
4 cdn.stickyadstv.com vidstat.taboola.com
cdn.stickyadstv.com
4 vpaid.pubmatic.com vidstat.taboola.com
4 sync.search.spotxchange.com 4 redirects
4 www.google.com www.manta.com
tpc.googlesyndication.com
3 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 taboola-d.openx.net 1 redirects vidstat.taboola.com
3 token.rubiconproject.com eus.rubiconproject.com
3 secure-assets.rubiconproject.com 3 redirects
3 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
3 api.conversant.mgr.consensu.org cdn.conversant.mgr.consensu.org
3 am-trc-events.taboola.com www.manta.com
3 trc.taboola.com 1 redirects cdn.taboola.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.manta.com
3 securepubads.g.doubleclick.net www.googletagservices.com
cdn.intergi.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com cc3.manta-r3.com
googleads.g.doubleclick.net
2 aktrack.pubmatic.com www.manta.com
2 vid.pubmatic.com vpaid.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 secure.adnxs.com 1 redirects ssum.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 ib.adnxs.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 ssum.casalemedia.com 1 redirects am-match.taboola.com
2 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 pi.pardot.com www.manta.com
pi.pardot.com
2 www.google.de www.manta.com
2 secure.cdn.fastclick.net www.googletagmanager.com
secure.cdn.fastclick.net
2 stats.g.doubleclick.net www.google-analytics.com
2 www.googletagservices.com www.manta.com
googleads.g.doubleclick.net
1 bid.g.doubleclick.net vpaid.pubmatic.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 geo.privacymanager.io ats.rlcdn.com
1 sync.taboola.com ssum.casalemedia.com
1 dpm.demdex.net ssum.casalemedia.com
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 event.clientgear.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 ad4m.at ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 go2.manta.com pi.pardot.com
1 ats.rlcdn.com cdn.intergient.com
1 mb.moatads.com z.moatads.com
1 z.moatads.com cdn.intergient.com
1 config.playwire.com cdn.intergient.com
1 am-vid-events.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 15.taboola.com cdn.taboola.com
1 vars.hotjar.com static.hotjar.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 script.hotjar.com static.hotjar.com
1 api.btloader.com btloader.com
1 static.hotjar.com www.manta.com
1 tag.crsspxl.com www.manta.com
1 widget.consent.urlbi.com www.googletagmanager.com
1 ad-delivery.net www.manta.com
1 ad.doubleclick.net www.manta.com
1 images.manta-r3.com www.manta.com
1 www.googletagmanager.com www.manta.com
1 btloader.com www.manta.com
0 image8.pubmatic.com Failed www.manta.com
0 dmp.brand-display.com Failed ssum.casalemedia.com
0 csync.loopme.me Failed ads.pubmatic.com
286 117
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-05-09 -
2022-05-08
a year crt.sh
*.manta-r3.com
Amazon
2021-09-24 -
2022-10-23
a year crt.sh
cdn.intergient.com
Amazon
2021-02-03 -
2022-03-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
www.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
cdn.intergi.com
Amazon
2021-02-03 -
2022-03-04
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
widget.consent.humanpresence.app
R3
2021-10-03 -
2022-01-01
3 months crt.sh
cdn.conversant.mgr.consensu.org
R3
2021-08-16 -
2021-11-14
3 months crt.sh
tag.crsspxl.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-10 -
2021-11-30
a year crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
*.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
urlbi.com
Amazon
2021-08-29 -
2022-09-27
a year crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
api.btloader.com
GTS CA 1D4
2021-08-28 -
2021-11-26
3 months crt.sh
*.google.de
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA
2021-03-11 -
2022-03-15
a year crt.sh
www.google.de
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-07-13 -
2022-06-25
a year crt.sh
pi.pardot.com
DigiCert SHA2 Secure Server CA
2020-12-05 -
2021-12-04
a year crt.sh
*.conversant.mgr.consensu.org
GlobalSign RSA OV SSL CA 2018
2020-03-31 -
2022-06-06
2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.tremorhub.com
Amazon
2021-06-27 -
2022-07-26
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
*.playwire.com
Amazon
2021-04-12 -
2022-05-11
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-01-21 -
2022-01-25
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2021-05-25 -
2022-06-25
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA
2021-09-19 -
2022-09-20
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA
2019-11-25 -
2022-02-18
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
c.amazon-adsystem.com
Amazon
2021-07-06 -
2022-06-27
a year crt.sh
go2.manta.com
R3
2021-08-22 -
2021-11-20
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-09-09 -
2021-12-07
3 months crt.sh
*.match.prod.bidr.io
Amazon
2021-02-26 -
2022-03-27
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-24 -
2022-03-26
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2020-04-09 -
2022-06-08
2 years crt.sh
*.onaudience.com
Certyfikat SSL
2021-05-28 -
2022-05-28
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-08-24 -
2022-02-16
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh
*.gumgum.com
Amazon
2021-06-05 -
2022-07-04
a year crt.sh
s.amazon-adsystem.com
Amazon
2021-07-14 -
2022-06-27
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
*.privacymanager.io
Amazon
2021-09-25 -
2022-10-24
a year crt.sh

This page contains 36 frames:

Primary Page: https://www.manta.com/c/mx5m8pq/maid-vip
Frame ID: E2085127C21308CAD2799183AA2CAFBF
Requests: 167 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: AAE6B9868C78C3B350C6823203D229B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Frame ID: E2CF937D1C654FC94E7C5632842FEF45
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&adk=1812271804&adf=3025194257&lmt=1635002942&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=1&bdt=256&idt=122&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=736x90&nras=1&correlator=5666588945401&frm=20&pv=1&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=198
Frame ID: 9E7CF1BA85C97553FD5CB50A0834A86D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 14B960FC504DC48CE5F792D4FC60AD44
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Frame ID: C4B8F3197EA72B117A2F5656311A7724
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66425185&crid=5922285&dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&cmcv=&pix=undefined&cb=1635002943172&uv=3050&tms=1635002943172&abt=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=39A4FCF8E42063651121057962582&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E9B245664A48FFD79FE6C6354137ACB6
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 6E6B0C447CC9D6FCAD5A05D7D3F37821
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F5F23DA28D4E99D48DB53140518DE616
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 271F071FD52425C31FDBA2C7DE845DD7
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 19D85EAB1169C522090D6308DDEF6BBA
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: C1E9E58989B81FBAC99F4452D4A1C466
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 87B896E6BD48C26DA2525BDAF6409FAD
Requests: 4 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.6.27/iframe/iframe.html
Frame ID: F46BB0E27F391CE0B13E134C30F198EF
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&gdpr=1&us_privacy=1---
Frame ID: A682AA4343311A9AB956F880E0FF1286
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 33582699A5002BC9D9F4EA5730A85D59
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Frame ID: F4AB5034661AA25A9BBF9C9E7FE13669
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DDEE2BA41242378F6D8AD4B2D63B81BB
Requests: 23 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 0AC9D8DF92165888A82C229F48F5ABE3
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946
Frame ID: 0F7DDF261A9713E8817F6FCB27F62BD0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7584791455511712389
Frame ID: 0CEFE75707D5EF28830301AD4AD949EF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6DB0FF22E360FB1350A92A44609F29A9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022284173346601113
Frame ID: D2680BAFCB6EEB23B52398EBA87AD610
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: A7E483508C9C63AA08776F91F0214D84
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Frame ID: A63D6ADA175DBA8BDA04C15D4E868207
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003
Frame ID: 70E7F631FE2FA6F528B9CB804C4E8A32
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 523BB1EF5ADCCDBDBE428818232CD459
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hUyaRREaeI5M6DMwqim7XshB
Frame ID: 2203837D2C7298944C01631A3A6B63CC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 44411780D75E2865866FE3BD199DEF48
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A1421418954C68B4BA7ECC7F9B15E487
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: CC3B7675D1A7854FEE1B29CAAEEC7B98
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1c481b1d-912c-4f37-a46c-f7f39673d806-tuct86dafbf&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 940C885358B0DEFC81B26612AFECA594
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 16FA63A43F0FC5D908A9C2E84FCC5D2C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 4EA229C1D20C7D9BE02665A79E900C09
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&gdpr=1&us_privacy=1---
Frame ID: 4A3A8659F5E4FF0E9A5131CA96F9F294
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2D6842AFC481929779CD6937782CCD54
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Maid VIP Thousand Oaks CA, 91360 – Manta.com

Page URL History Show full URLs

  1. http://www.manta.com/c/mx5m8pq/maid-vip HTTP 301
    https://www.manta.com/c/mx5m8pq/maid-vip Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tag\.crsspxl\.com/s1\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

286
Requests

96 %
HTTPS

32 %
IPv6

68
Domains

117
Subdomains

75
IPs

13
Countries

3237 kB
Transfer

9924 kB
Size

108
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.manta.com/c/mx5m8pq/maid-vip HTTP 301
    https://www.manta.com/c/mx5m8pq/maid-vip Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1635002942053&ns_c=UTF-8&cv=3.5&c8=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&c7=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1635002942053&ns_c=UTF-8&cv=3.5&c8=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&c7=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&c9=
Request Chain 127
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f3f4ae81-3415-11ec-9d47-175cf56a0306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f3f4ab02-3415-11ec-b974-169e7f670306&orig=video&us_privacy=1---gdpr=1&
Request Chain 131
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f3f4ab57-3415-11ec-b974-169e7f670306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f3f4ab02-3415-11ec-b974-169e7f670306&orig=video&us_privacy=1---gdpr=1&
Request Chain 146
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 147
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 165
  • https://taboola-d.openx.net/v/1.0/av?auid=543846817&gdpr=1&us_privacy=1--- HTTP 302
  • https://taboola-d.openx.net/v/1.0/av?cc=1&auid=543846817&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDYxYTAwZDItOGFmMC02ZmZiLTUzMzAtMGM0MTRhNGI3YjI0
Request Chain 175
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 176
  • https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Request Chain 197
  • https://taboola-d.openx.net/v/1.0/av?auid=543846817&gdpr=1&us_privacy=1--- HTTP 302
  • https://taboola-d.openx.net/v/1.0/av?cc=1&auid=543846817&gdpr=1&us_privacy=1---
Request Chain 203
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946
Request Chain 204
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7584791455511712389
Request Chain 206
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022284173346601113
Request Chain 207
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEdFJrN0M2RlVBQUJ1SXJsT1FmZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 209
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8262805711 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/27a44235-8757-4bf6-a2b4-5d98a0816fca HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003
Request Chain 211
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hUyaRREaeI5M6DMwqim7XshB
Request Chain 213
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 215
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1c481b1d-912c-4f37-a46c-f7f39673d806-tuct86dafbf&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oG-q5Q43TkC4nSt6OjGZRg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 217
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=615e6174-2a3f-4e00-94cf-529743b04aa5
Request Chain 218
  • https://pixel.onaudience.com/?partner=214&mapped=A06FAAE5-0E37-4E40-B89D-2B7A3A319946 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=faaccf1900b60b715a06089827112244
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTA2RkFBRTUtMEUzNy00RTQwLUI4OUQtMkI3QTNBMzE5OTQ2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA3zfXNUsY2kEB-WS7zD8jQ&google_cver=1
Request Chain 222
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&gdpr=0&gdpr_consent=
Request Chain 223
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1750532214226875959
Request Chain 224
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27a44235-8757-4bf6-a2b4-5d98a0816fca
Request Chain 225
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4428407269026717231&gdpr=0&gdpr_consent=
Request Chain 226
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ
Request Chain 227
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8ZgEccBE2uUxsfTd3ieOkKK_8HTq4Rk-~A&gdpr=0&gdpr_consent=
Request Chain 229
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5daddd8f-0493-48f5-920e-daba1f783b92 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk14f67ea4-b73b-459c-be49-689f91cfe8b0&expires=7&user_group=5&ssp=pubmatic&bsw_param=5daddd8f-0493-48f5-920e-daba1f783b92 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5daddd8f-0493-48f5-920e-daba1f783b92&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 230
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YXQqQAALVwdiAgAT HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YXQqQAALVwdiAgAT&gdpr=0&gdpr_consent=&_test=YXQqQAALVwdiAgAT
Request Chain 232
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2901899503653063483&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 233
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 234
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fb4e7658-b58d-4c13-a0f5-e47dcf770467&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 235
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4428407269026717231
Request Chain 237
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXQqPw-rXgE1j0e5Y7pouQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFz3kGJfHBTKyPBTUx2zS90&google_cver=1&gdpr=1
Request Chain 238
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXQqPw_rXgE1j0e5Y7pouQAABJMAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXQqPw_rXgE1j0e5Y7pouQAABJMAAAIB&dcc=t
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXQqPw_rXgE1j0e5Y7pouQAABJMAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJobQ6CQhetBwrj_eLFpj5k&google_cver=1
Request Chain 241
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1637594944

286 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set maid-vip
www.manta.com/c/mx5m8pq/
Redirect Chain
  • http://www.manta.com/c/mx5m8pq/maid-vip
  • https://www.manta.com/c/mx5m8pq/maid-vip
97 KB
26 KB
Document
General
Full URL
https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
abad0dc7ace01ebc13b812b39ec47f2adfb1d23a7a1fa2724c9d6d2a3bc4042f
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Host
www.manta.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sat, 23 Oct 2021 15:29:01 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
6a2bff9dfb8b5be5-FRA
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Set-Cookie
city=j%3Anull; Max-Age=7; Path=/; Expires=Sat, 23 Oct 2021 15:29:08 GMT state=j%3Anull; Max-Age=7; Path=/; Expires=Sat, 23 Oct 2021 15:29:08 GMT stateAbbrv=j%3Anull; Max-Age=7; Path=/; Expires=Sat, 23 Oct 2021 15:29:08 GMT lat=34.773193; Max-Age=7; Path=/; Expires=Sat, 23 Oct 2021 15:29:08 GMT lon=113.721985; Max-Age=7; Path=/; Expires=Sat, 23 Oct 2021 15:29:08 GMT ipContinent=AS; Max-Age=7; Path=/; Expires=Sat, 23 Oct 2021 15:29:08 GMT country=China; Max-Age=7; Path=/; Expires=Sat, 23 Oct 2021 15:29:08 GMT ipCountry=CN; Max-Age=7; Path=/; Expires=Sat, 23 Oct 2021 15:29:08 GMT refer_id=0000; Max-Age=2592000; Path=/; Expires=Mon, 22 Nov 2021 15:29:01 GMT sess_refer=1; Path=/ cust_id=8963f1fc-452f-4f65-89e1-2bf29c02d973; Max-Age=63072000; Path=/; Expires=Mon, 23 Oct 2023 15:29:01 GMT __cf_bm=d.ZdjC.w4_uxz9ZLFuznxsXDM67ilrBuAuDBbJPso1w-1635002941-0-AYw5GIxgBNl570n79MfcARvRMEi1Sx1YRGm/fRbh0GNDrErnsXW0H66PTw8ah+QkLhzA+fFKpqSuUWyPjM2ApQnOWjIhfX4uLhzgyPLgo3e5; path=/; expires=Sat, 23-Oct-21 15:59:01 GMT; domain=.manta.com; HttpOnly; Secure; SameSite=None
Strict-Transport-Security
max-age=86400
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Powered-By
Express
Vary
Accept-Encoding
Server
cloudflare
Content-Encoding
gzip

Redirect headers

Date
Sat, 23 Oct 2021 15:29:01 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 23 Oct 2021 16:29:01 GMT
Location
https://www.manta.com/c/mx5m8pq/maid-vip
Set-Cookie
__cf_bm=ZviwNLuj3v2_EjL.NO61WTGw22ddGn3b9yCy83ZCetg-1635002941-0-AV6o0apjle48haf8tR0Iy4ZgPbm3PnMB8PLwuWNrXv2XK9rJ1ArOz4J8/es+yHJsZKfs8dfWu3Yg1TgOnPQ1D0DdD9R6uZCaD+pgY25sNx+V; path=/; expires=Sat, 23-Oct-21 15:59:01 GMT; domain=.manta.com; HttpOnly; SameSite=None
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6a2bff9dbff14ed9-FRA
simpleLightbox.min.css
cc3.manta-r3.com/dist/3d3f4ecd/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/css/simpleLightbox.min.css
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9575bd5c05aa210be7be6664a949d42870f078f3108b290fc5c8182a53c64ebb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:04 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 11:08:36 GMT
server
AmazonS3
age
269758
etag
"464c1dd88f066cf4ba6d4ca94e64fd42"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 fce673b0e9c8ffbca0678547d3b9c425.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
1246
x-amz-cf-id
wPK2JAQ6ikxg0Exs4HggAox4f3cCDh3akVEedqaPXOwoNEk4BSklog==
fa.css
cc3.manta-r3.com/dist/3d3f4ecd/directory/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/fa.css
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f08c7f05ddb50a10e8a25fcc3dcbb424f615f6533529c71b9e6fd6d687b6397

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:09 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 11:08:36 GMT
server
AmazonS3
age
269753
etag
"2cb84de37b3b4b65a8733b043bc620c7"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 fce673b0e9c8ffbca0678547d3b9c425.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
2042
x-amz-cf-id
4kqOp9n45iwL9lRxEPSujIsN3TU59nmZhzB7u89XG1RmtS_tn9zZKQ==
pageos.js
cdn.intergient.com/pageos/
166 KB
54 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/pageos.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f64fbb25301a7fa953e2c6845f40a756f710bc450fe77e21040810b3f2da5349

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:01 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117d.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=46387, public, must-revalidate
content-encoding
br
x-amz-cf-id
6TJXW68meIoOTnNn75qsc7OXYLzOWs-0ksC4CkzXPalSEluiU4BcPg==
cash.min.js
cc3.manta-r3.com/dist/3d3f4ecd/js/
15 KB
5 KB
Script
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/js/cash.min.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff4591551bd8cc5fab95929ff80970339e10f94a0a0fed84f46414b52684f726

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:04 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 11:08:39 GMT
server
AmazonS3
age
269758
etag
"98dd8464bfa6a6fff1eb8b90319f6909"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fce673b0e9c8ffbca0678547d3b9c425.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
5145
x-amz-cf-id
uMXiy5WGkFQouzawrBX6dTFxF_eVbOwV3vF-O7uc6enaVLHi5pnkMw==
js.cookie.min.js
cc3.manta-r3.com/dist/3d3f4ecd/js/
2 KB
1 KB
Script
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/js/js.cookie.min.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d1799663bbb6029214d90ba7db9cdc725fa02c16d4b090add3721e44238b6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:04 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 11:08:39 GMT
server
AmazonS3
age
269758
etag
"eeb856c4c76000f32df6bfdb5bf2f559"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fce673b0e9c8ffbca0678547d3b9c425.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
861
x-amz-cf-id
3FUaae5y11SjHV9YJKaG1kdnxK8nGftK85ptYV9yUBZUjPAexyRDcA==
axios.min.js
cc3.manta-r3.com/dist/3d3f4ecd/js/
2 KB
1 KB
Script
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/js/axios.min.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff2ae2a84ccfd71438656ac8b21a976c4aaf3668c1b6dde8cf4d142e6390e9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:04 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 11:08:39 GMT
server
AmazonS3
age
269758
etag
"7fc75b46aac5c4e20a336a984ffb62ba"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fce673b0e9c8ffbca0678547d3b9c425.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
951
x-amz-cf-id
cGTjF75ORVwTlU6zLBeLgXng_sYzI74dhXKSW4xXg2z-RKSoO21EgQ==
simpleLightbox.min.js
cc3.manta-r3.com/dist/3d3f4ecd/js/
7 KB
3 KB
Script
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/js/simpleLightbox.min.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6dc97993d7e4803aeb35d0e9a24f0393eceb43de5f7ff0f0e437f1b05aea4e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:04 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 11:08:39 GMT
server
AmazonS3
age
269758
etag
"f8e192ce89b6632269837dd91a483095"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fce673b0e9c8ffbca0678547d3b9c425.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
2328
x-amz-cf-id
bB2Ds2i33_m8PeBx8oYt3xhpeiMQ7hlZtHkLORVafT878wzrE11PsQ==
app.css
cc3.manta-r3.com/dist/3d3f4ecd/directory/css/
31 KB
7 KB
Stylesheet
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/app.css
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a772352d1dc25e936652a140975775186ee84c7f09430cdb626c23dcca30ec1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:04 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 11:08:36 GMT
server
AmazonS3
age
269758
etag
"9a732b25dbc4f1ef49ba20ac413e4597"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 fce673b0e9c8ffbca0678547d3b9c425.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
6811
x-amz-cf-id
CdBkAr9aHbeqvMGlSaaZnqYlsjdbNWp9o7Cc704_gcEKQnsWoqcAKw==
tag
btloader.com/
30 KB
9 KB
Script
General
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe158617fb4867d1db2bd9d476d18f533f3bc188b5710b07c4a3caee716422b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
6a2bffa23da34ac3-FRA
date
Sat, 23 Oct 2021 15:29:01 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2376
etag
W/"b8ac8c665e0ad4558dfa32569506d1d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QX9e8AOhwkEPORi7tWEb1wdqRw5V8P8%2FN71auP5Qei2%2F2DhCB%2F9srSO%2FGhzm70c%2BDO62CZUQCCwNodHutg8WNMLX7%2ByzAMdKz4ryiEwviotCBdmBxXlvNcwvKEQLy3U6hRAa%2FrQcU8yHcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
content-encoding
br
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe02472d15671bc8664db460a411a4e86bd7402a7c8e9874469a4904ada521f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50997
x-xss-protection
0
server
cafe
etag
16531606758280366262
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 15:29:01 GMT
caf.js
www.google.com/adsense/domains/
152 KB
55 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a5976913f413e4a5bc7d39c78bc93533dbab35fa45e0b7cc37474fec4ba6750
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
server
sffe
etag
"10481757544466112137"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-afs-ui"
expires
Sat, 23 Oct 2021 15:29:01 GMT
api.js
www.manta.com/cdn-cgi/bm/cv/669835187/
35 KB
9 KB
Script
General
Full URL
https://www.manta.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.manta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.manta.com/c/mx5m8pq/maid-vip
Cookie
city=j%3Anull; state=j%3Anull; stateAbbrv=j%3Anull; lat=34.773193; lon=113.721985; ipContinent=AS; country=China; ipCountry=CN; refer_id=0000; sess_refer=1; cust_id=8963f1fc-452f-4f65-89e1-2bf29c02d973; __cf_bm=d.ZdjC.w4_uxz9ZLFuznxsXDM67ilrBuAuDBbJPso1w-1635002941-0-AYw5GIxgBNl570n79MfcARvRMEi1Sx1YRGm/fRbh0GNDrErnsXW0H66PTw8ah+QkLhzA+fFKpqSuUWyPjM2ApQnOWjIhfX4uLhzgyPLgo3e5
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/c/mx5m8pq/maid-vip
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:01 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript
cache-control
max-age=604800, public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6a2bffa21a265be5-FRA
manta_logo_dark-v1.svg
cc3.manta-r3.com/dist/3d3f4ecd/img/
2 KB
1 KB
Image
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/img/manta_logo_dark-v1.svg
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8b9f22732f3d2c49ca10f6325c06ff383f93cd21d05f8b131cc3a90d522a0c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:10 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 11:08:39 GMT
server
AmazonS3
age
269752
etag
"229cdeabea773006076baed3d64cb3fe"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 fce673b0e9c8ffbca0678547d3b9c425.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
914
x-amz-cf-id
uRrGtvv_geUpy2gZUVEvm_XadSDWKVgX4NZgetJZSGvbS4W3kXCoNA==
gtm.js
www.googletagmanager.com/
168 KB
56 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-R7B4&l=gtmDataLayer
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a788806a2fdba620e0f2823fedfd68e164bace859201a9d48d1f98c7f1be9b3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
56931
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 15:29:01 GMT
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro&display=swap
Requested by
Host: cc3.manta-r3.com
URL: https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f837e34ead3df38437a99751739937715d9e7af680fd3c15f348227649bedb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cc3.manta-r3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 14:56:47 GMT
server
ESF
date
Sat, 23 Oct 2021 15:29:01 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 15:29:01 GMT
css2
fonts.googleapis.com/
790 B
478 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Red+Hat+Text&display=swap
Requested by
Host: cc3.manta-r3.com
URL: https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb30131f8b58afc90a1820a11fd1b19e00f5eadad822e181f578838091715bce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cc3.manta-r3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:29:01 GMT
server
ESF
date
Sat, 23 Oct 2021 15:29:01 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 15:29:01 GMT
pin-gray.svg
cc3.manta-r3.com/dist/3d3f4ecd/img/
2 KB
1 KB
Image
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/img/pin-gray.svg
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ef3a14bc374f282ed743bdfdbecb8744ea21e39d3a32b16f9fdc663678e9847

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:38 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 11:08:39 GMT
server
AmazonS3
age
269724
etag
"5e4760ed4c7f3c4a0e3af4f6633c91ad"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 fce673b0e9c8ffbca0678547d3b9c425.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
728
x-amz-cf-id
UAohzy-OPAqSVf5R6FODYyc9oyCu9Q40H6xVO46Tq2BQ9omctLHSig==
300x300
images.manta-r3.com/api/claim-this-profile/image-mgr/view/20150923Ka8FEHPykH/
15 KB
16 KB
Image
General
Full URL
https://images.manta-r3.com/api/claim-this-profile/image-mgr/view/20150923Ka8FEHPykH/300x300
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-88.fra56.r.cloudfront.net
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
c9bc4a6c57b54aa300e3183531e47724caa51058639bd2143b100487b82113f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:01 GMT
Via
1.1 51bcd21e941ceaec99864557d86202af.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sat, 23 Oct 2021 15:29:02 GMT
Server
Apache/2.4.7 (Ubuntu)
Age
0
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA56-P3
Content-Length
15582
X-Amz-Cf-Id
Fm1bt6Oq1hVOYI3WCc-PXXFJ-CTkAleWcpGLYlIcmxPT8IOJ4zR5Lg==
pin.svg
cc3.manta-r3.com/dist/3d3f4ecd/img/
2 KB
1 KB
Image
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/img/pin.svg
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0efbed475c7b3469628fad118e3ff3fc9975f0f57e389a54d900fc85074e0f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:50 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 11:08:39 GMT
server
AmazonS3
age
269711
etag
"59557d963fb890efdd61b19641748d4d"
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 fce673b0e9c8ffbca0678547d3b9c425.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
724
x-amz-cf-id
jY_qKDx42xPrJRkqamxtyt8P8nCMsryVtr-WWqd1W5L1_V39zwxHwg==
gpt.js
www.googletagservices.com/tag/js/
80 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
694b274340e5cf46cedc7cc5b46277659923a66176203a04820944f70b63f569
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1022 / 214 of 1000 / last-modified: 1634854038"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27136
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Oct 2021 15:29:01 GMT
loader.js
cdn.taboola.com/libtrc/mantamedia-manta/
135 KB
23 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/mantamedia-manta/loader.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.83.6 /
Resource Hash
3e224775a1985db7a8db74d2b3aabe370f2664f4c0ee129b44dc0f0294d5996f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_fYhMocPoIxIfNDcVmhZBMX8.ipC7cw
content-encoding
gzip
etag
"dc2aa45767f3db8c4557ccded78584b713dffe76"
age
0
via
1.1 varnish
x-cache
MISS
x-from-cache
1
content-length
23405
x-amz-id-2
T5BEOV70eiai/bNPrYKANeY9hEHk/IT1aa+pr2dMNpb8zU6ucxqDx5KUVjY/UhgI5/aqVsMM+Gc=
x-served-by
cache-fra19149-FRA
last-modified
Sat, 23 Oct 2021 15:29:01 UTC
server
obaker.93.1.2-11.83.6
x-timer
S1635002942.798628,VS0,VE118
date
Sat, 23 Oct 2021 15:29:01 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
MT43G8DYFBE9Y657
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
15
x-cache-hits
0
RrQCbohi_ic6B3yVSzGBrMx6ZI_cy1A6Ok2ML7hwZrHQcA.woff2
fonts.gstatic.com/s/redhattext/v6/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/redhattext/v6/RrQCbohi_ic6B3yVSzGBrMx6ZI_cy1A6Ok2ML7hwZrHQcA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Red+Hat+Text&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc3ffcdb32a53647771d7c339575f3c233a686fb14a1a89b43896b72060df9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.manta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:29:30 GMT
x-content-type-options
nosniff
age
151171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12520
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:03:48 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 21:29:30 GMT
fa-solid-900.woff2
cc3.manta-r3.com/dist/3d3f4ecd/webfonts/
138 KB
139 KB
Font
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/webfonts/fa-solid-900.woff2
Requested by
Host: cc3.manta-r3.com
URL: https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/fa.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65

Request headers

Referer
https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/fa.css
Origin
https://www.manta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:10 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
269752
x-cache
Hit from cloudfront
content-length
141308
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 11:08:40 GMT
server
AmazonS3
etag
"3ab83f3d616b735a07e3b6b4b918de24"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
via
1.1 9905602b8526d2635024f3edbf1df703.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
x-amz-cf-id
vM7xJ194gcHB-7WZRLmquoYIh5YIstwvPKYN8sIlDCQceaF4-nvC_g==
pw_ph_728x90.svg
cdn.intergi.com/
21 KB
8 KB
Image
General
Full URL
https://cdn.intergi.com/pw_ph_728x90.svg
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fc9ad22fe7eec4d501eb48a2774e3fe1ab49a03d362f097bdf28d73f396b7cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4ClSWNZWuK78O3cz9BTjJI2U241XPQfd
content-encoding
gzip
last-modified
Thu, 10 Sep 2020 16:05:43 GMT
server
AmazonS3
age
31860
etag
W/"737a2144dc6a632c75bf3d3014f3d6ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
date
Sat, 23 Oct 2021 09:40:22 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
VmNjDaWfnrk1fbTvz5Kr2NToRa6ysGoWoTfjQQKhUQfNYkcSO2Y-Ow==
fa-brands-400.woff2
cc3.manta-r3.com/dist/3d3f4ecd/webfonts/
75 KB
75 KB
Font
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/webfonts/fa-brands-400.woff2
Requested by
Host: cc3.manta-r3.com
URL: https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/fa.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c

Request headers

Referer
https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/fa.css
Origin
https://www.manta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:11 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
269751
x-cache
Hit from cloudfront
content-length
76620
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 11:08:40 GMT
server
AmazonS3
etag
"8e61626c3254d9344725c1d34eca227e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
via
1.1 9905602b8526d2635024f3edbf1df703.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
x-amz-cf-id
YUKeV7RRlLWaTXV5kgs-Z-_bo2lIgIOOOOiSW7aY9NRqrb5nnjCnKg==
moranga-regular.woff2
cc3.manta-r3.com/dist/3d3f4ecd/webfonts/
33 KB
34 KB
Font
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/webfonts/moranga-regular.woff2
Requested by
Host: cc3.manta-r3.com
URL: https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6164723a07c8b6156b5e095faa3622ba23890444bc69d9a662c47def3028d93

Request headers

Referer
https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/app.css
Origin
https://www.manta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:22 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
269740
x-cache
Hit from cloudfront
content-length
34017
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 11:08:40 GMT
server
AmazonS3
etag
"f5f8a32c04ca8f84875434e386687187"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
via
1.1 9905602b8526d2635024f3edbf1df703.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
x-amz-cf-id
8mmAuHZllPZO4iXk_UKCpHVozhiKqSIKoBIz_FRg25tvEb6kwgPc9w==
track
www.manta.com/
0
410 B
Fetch
General
Full URL
https://www.manta.com/track?fp=%7B%22listings%22%3A%5B%7B%22emid%22%3A%22mx5m8pq%22%2C%22sicm%22%3A%22B32BB1B8%22%2C%22city%22%3A%2228R%22%7D%5D%2C%22t%22%3A%22cpp%22%2C%22ts%22%3A1635002941840%2C%22total%22%3A1%7D
Requested by
Host: cc3.manta-r3.com
URL: https://cc3.manta-r3.com/dist/3d3f4ecd/js/axios.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.manta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.manta.com/c/mx5m8pq/maid-vip
Cookie
city=j%3Anull; state=j%3Anull; stateAbbrv=j%3Anull; lat=34.773193; lon=113.721985; ipContinent=AS; country=China; ipCountry=CN; refer_id=0000; sess_refer=1; cust_id=8963f1fc-452f-4f65-89e1-2bf29c02d973; __cf_bm=d.ZdjC.w4_uxz9ZLFuznxsXDM67ilrBuAuDBbJPso1w-1635002941-0-AYw5GIxgBNl570n79MfcARvRMEi1Sx1YRGm/fRbh0GNDrErnsXW0H66PTw8ah+QkLhzA+fFKpqSuUWyPjM2ApQnOWjIhfX4uLhzgyPLgo3e5
Connection
keep-alive
x-request-id
337a97785076b9aae2885d86c66147e8
Referer
https://www.manta.com/c/mx5m8pq/maid-vip
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-request-id
337a97785076b9aae2885d86c66147e8

Response headers

Date
Sat, 23 Oct 2021 15:29:02 GMT
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security
max-age=86400
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
CF-Ray
6a2bffa28b075be5-FRA
track
www.manta.com/api/v1/ma/
164 B
680 B
Fetch
General
Full URL
https://www.manta.com/api/v1/ma/track
Requested by
Host: cc3.manta-r3.com
URL: https://cc3.manta-r3.com/dist/3d3f4ecd/js/axios.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2a52a39cacddfd3fab5a06fe9c7c154bd96eba14e3676b12da94cc06e18109
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.manta.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
city=j%3Anull; state=j%3Anull; stateAbbrv=j%3Anull; lat=34.773193; lon=113.721985; ipContinent=AS; country=China; ipCountry=CN; refer_id=0000; sess_refer=1; cust_id=8963f1fc-452f-4f65-89e1-2bf29c02d973; __cf_bm=d.ZdjC.w4_uxz9ZLFuznxsXDM67ilrBuAuDBbJPso1w-1635002941-0-AYw5GIxgBNl570n79MfcARvRMEi1Sx1YRGm/fRbh0GNDrErnsXW0H66PTw8ah+QkLhzA+fFKpqSuUWyPjM2ApQnOWjIhfX4uLhzgyPLgo3e5
Connection
keep-alive
Content-Length
118
x-request-id
337a97785076b9aae2885d86c66147e8
Pragma
no-cache
Host
www.manta.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.manta.com/c/mx5m8pq/maid-vip
Sec-Fetch-Site
same-origin
Referer
https://www.manta.com/c/mx5m8pq/maid-vip
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-request-id
337a97785076b9aae2885d86c66147e8
content-type
application/json

Response headers

Date
Sat, 23 Oct 2021 15:29:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security
max-age=86400
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
6a2bffa2ac126943-FRA
favicon.ico
ad.doubleclick.net/
1 KB
635 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 06:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Oct 2021 06:28:01 GMT
px.gif
ad-delivery.net/
43 B
1003 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.33620595991161784
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Sat, 23 Oct 2021 15:29:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1269
x-guploader-uploadid
ABg5-UzSZ-Kt1WbGdd88HlCnZf7YcJGLu-DR5tPwPS9bXoxAsvJYwt4jGn6LAHoZbG34sctt0vecv7iFCJZExLBCcbRvF7nEjw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5hTJ73uaXUIfDdeMXAa9nxTtqGRPtO85GlyuKlLSVWasLbupYHDa3ltyNfVVELOZXU94ERYfGRm04meQynKNE2B3AmSSgbmdkMuLWBh5QT44WX3kSsO%2FhPyxG4OadKbT4mGGxJjWUL%2Fg2OVlg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6a2bffa2fc916939-FRA
expires
Sat, 23 Oct 2021 15:53:15 GMT
pubads_impl_2021101201.js
securepubads.g.doubleclick.net/gpt/
361 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063225
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
124532
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Oct 2021 15:29:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
241 B
739 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.manta.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
814047fd4d5976f0aba21596965b6675fb5033c3a13f43b5e7b355ae7ef8634d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 15:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
132
x-xss-protection
0
expires
Sat, 23 Oct 2021 15:29:01 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/
271 KB
97 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5318756859004963&plah=www.manta.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebc9499a1fa1277f95c8184e0fbd2260f08cdd5a45e190d93e9f1de44cc2d35a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99042
x-xss-protection
0
server
cafe
etag
12327076470136874193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 15:29:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame AAE6
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211020/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 15:13:19 GMT
expires
Sat, 06 Nov 2021 15:13:19 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
942
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R7B4&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
5307
date
Sat, 23 Oct 2021 14:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sat, 23 Oct 2021 16:00:34 GMT
notice.js
widget.consent.urlbi.com/
5 KB
2 KB
Script
General
Full URL
https://widget.consent.urlbi.com/notice.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R7B4&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.65.233.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
409faf37a965d3faf98b9b35c2281942c60935ac31f6aeae24557a75e8c6c021
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
etag
W/"1393-174fe5eb630"
last-modified
Tue, 06 Oct 2020 14:44:14 GMT
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
strict-transport-security
max-age=15724800; includeSubdomains
gdpr-cmp-stub.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/
1 KB
957 B
Script
General
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/gdpr-cmp-stub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R7B4&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8334e5eb7851550868428f192dd7d9f10d7b513381d8bb3f5606774bc78c3976

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:01 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:20:57 GMT
server
Apache
etag
"48a-5cc99935cdc06-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
667
s1.js
tag.crsspxl.com/
2 B
106 B
Script
General
Full URL
https://tag.crsspxl.com/s1.js?d=2639&cb=1635002941936
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.140.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-140-51.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:01 GMT
Content-Length
2
Content-Type
text/javascript
hotjar-1528605.js
static.hotjar.com/c/
11 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1528605.js?sv=6
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1448e502c7901edccb5c43a138ab4606140dd74bfc316aac6b3db043793e5f03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:28:26 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
51
etag
W/c54d4166efaab133b326c2d4a39b748e
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
rSQlqQoDdbFX6Kbh0B5N-TiaKh0gdyqBh-kMN5hfME0on3EXc-wCfw==
via
1.1 018ffb575888f1c9ec960e3e977c042f.cloudfront.net (CloudFront)
AGSKWxUQfh8aAsBN4RHChmtWNbuMLkgAtiwdwaoBLP0EQCVMb8HP1f3ndLSof84k0ixbHh7YFqDixMIWnrvwaxhfH8M=
fundingchoicesmessages.google.com/f/
78 KB
28 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUQfh8aAsBN4RHChmtWNbuMLkgAtiwdwaoBLP0EQCVMb8HP1f3ndLSof84k0ixbHh7YFqDixMIWnrvwaxhfH8M=
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6d004938dc320652e4c593be28240d0856d52b53b90e40389cccbbcf91199de
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gl3HqII2trAui1H7nv7s7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gl3HqII2trAui1H7nv7s7Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-gl3HqII2trAui1H7nv7s7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gl3HqII2trAui1H7nv7s7Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.js
urlbi.com/
107 KB
108 KB
Script
General
Full URL
https://urlbi.com/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R7B4&l=gtmDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.118.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-118-226.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
342ed94296f56cde0d3b4739acb64a7636c3771146d1a3401e76e14ad569606a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
server
awselb/2.0
content-length
110004
content-type
text/javascript; charset=utf-8
pixel.gif
urlbi.com/
43 B
168 B
Image
General
Full URL
https://urlbi.com/pixel.gif?pid=2442&ctg=Consumer%20Services&subctg=Repair%20Shops
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.118.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-118-226.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
impl.20211021-3-RELEASE.js
cdn.taboola.com/libtrc/
594 KB
121 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20211021-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mantamedia-manta/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1ab47c16e74165d0f7b0886a700859f12ad1131a94f1574338750df949fcf1db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
EUJZyG7GJ8dqTBA.PjHOMC8UtHEWyU7o
content-encoding
br
etag
"de84fcbcddaa94ceb01990e30d71bc0b"
age
24060
x-cache
HIT
content-length
123857
x-amz-id-2
D0qH5iBTLARpXAOyZVI5cdih3cRxCMWvP+japYHiYhQCJzFcv7J09GAvVKnlWICY7acn39gZuK4=
x-served-by
cache-fra19149-FRA
last-modified
Thu, 21 Oct 2021 08:40:24 GMT
server
AmazonS3-br
x-timer
S1635002942.966553,VS0,VE0
date
Sat, 23 Oct 2021 15:29:01 GMT
vary
Accept-Encoding
x-amz-request-id
CP1R842PK4XFZG1K
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
57
x-cache-hits
73076
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mantamedia-manta/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 19:06:14 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
73367
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
FUPwm6-C4PBtec-owtqjYcEuW7RtCqkefqMRE5JYhFFb3OgVm10SsQ==
tr5
cdn.taboola.com/libtrc/
3 B
75 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=snap_rtb_3_var
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635002942.967515,VS0,VE0
x-served-by
cache-fra19149-FRA
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
pv
api.btloader.com/
0
96 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=OSozZgy8t&w=5712072431108096&o=5150306120761344&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 23 Oct 2021 15:29:02 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
Cookie set result
www.manta.com/cdn-cgi/bm/cv/
0
897 B
XHR
General
Full URL
https://www.manta.com/cdn-cgi/bm/cv/result?req_id=6a2bff9dfb8b5be5
Requested by
Host: www.manta.com
URL: https://www.manta.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.manta.com
Accept-Encoding
gzip, deflate, br
Accept-Language
de-DE,de;q=0.9
Sec-Fetch-Dest
empty
Cookie
city=j%3Anull; state=j%3Anull; stateAbbrv=j%3Anull; lat=34.773193; lon=113.721985; ipContinent=AS; country=China; ipCountry=CN; refer_id=0000; sess_refer=1; cust_id=8963f1fc-452f-4f65-89e1-2bf29c02d973; __cf_bm=vpGmqh3r5b3G.kmGFNlqVqVC8Fs6eOLNaO6vq38RUSM-1635002941-0-AZaVvR9YlZc/qcvQ0MV2D0A1Xl56oo2QVxu1WRtJlVrDFDTDs/00SQidHmGffLYAZuc0b05X/5i8w1HAABXfVKzgKBoLNsB4DM5XYpzH7BA0; pageDepth=1; adImps=1; randNum=43
Connection
keep-alive
Content-Length
444
Pragma
no-cache
Host
www.manta.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.manta.com/c/mx5m8pq/maid-vip
Sec-Fetch-Site
same-origin
Referer
https://www.manta.com/c/mx5m8pq/maid-vip
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 23 Oct 2021 15:29:02 GMT
Connection
keep-alive
Server
cloudflare
Set-Cookie
__cf_bm=pxsfr8v7OTHbiHaDykDVGUcqwUe4oYQrlOStE4ElIl0-1635002942-0-AabirPwsdQJy0ce87GsV/acLI++4x3w38cgjneoBIJisC5rqlCL+aCuXzIjVBzq05slzSjIxdK1hM3HWpj3GSbQGB81PlqWMPEOahXbcjI3QiQt7yyo+J7AX6fLR4pWNWw==; path=/; expires=Sat, 23-Oct-21 15:59:02 GMT; domain=.manta.com; HttpOnly; Secure; SameSite=None __cf_bm=gRSPF5K32f.26n8PrNL4q1HTkx1EiTW4splxkXsoT08-1635002942-0-ARmpDSM2C3exc/8XGG/SK9vr07oJRGWVjnqajrTPbDvjYeNOI2cGOFB1zlYbH1gJkMKwO+TE9YZg61JCluXj/1+KodKXGRWUC+OH7Qr3Wxmqeohgk783Qn7/f4O4QKJrbvnz8yBJHlWzzZsrmityfKk=; path=/; expires=Sat, 23-Oct-21 15:59:02 GMT; domain=.manta.com; HttpOnly; Secure; SameSite=None
CF-RAY
6a2bffa3dcf82b71-FRA
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
modules.bff3b8d60820fc90decc.js
script.hotjar.com/
222 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.bff3b8d60820fc90decc.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1528605.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
da4c70755f82ff615c0fd3cad94bf62b19a9d5c25ab87268097eaa9609098bec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
180476
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59887
access-control-allow-origin
*
last-modified
Thu, 21 Oct 2021 13:20:57 GMT
etag
"e6ca8fed932ccfd7b742e0e3ecb6d422"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
qx7m3R-GVWlQLuShd-3tkqajOm931xzxvnH45DZ0mBK31q-f77GZGg==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1635002942053&ns_c=UTF-8&cv=3.5&c8=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&c7=https%3A%2F%2Fwww.manta.com...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1635002942053&ns_c=UTF-8&cv=3.5&c8=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&c7=https%3A%2F%2Fwww.manta.co...
64 B
331 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1635002942053&ns_c=UTF-8&cv=3.5&c8=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&c7=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&c9=
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
wydmdXLxsRxbWlUoQJ4JIXjoCYGQ_h1PfmdsIkhZdTIPd70XjEYmGQ==

Redirect headers

date
Sat, 23 Oct 2021 15:29:02 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1635002942053&ns_c=UTF-8&cv=3.5&c8=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&c7=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&c9=
content-length
249
x-amz-cf-id
n5K4FezzdTd8R0qBakcqlPeNtQRgx_Soq3OcvK0n7D1qFFGzhaNOMA==
js
www.google-analytics.com/gtm/
86 KB
34 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-NJQVKW5&l=gtmDataLayer&t=gtm4&cid=1392064569.1635002942
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1bf61767f004ffbb15dc6d2c3d55c404319e5d44af85526eb4c235cb163cce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
34688
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 15:29:02 GMT
json
trc.taboola.com/mantamedia-manta/trc/3/
10 KB
5 KB
XHR
General
Full URL
https://trc.taboola.com/mantamedia-manta/trc/3/json?tim=15%3A29%3A02.082&lti=snap_rtb_3_var&data=%7B%22id%22%3A410%2C%22ii%22%3A%22%2Fc%2Fmx5m8pq%2Fmaid-vip%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1634807725680%2C%22vi%22%3A1635002942080%2C%22cv%22%3A%2220211021-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A6041%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3388%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2987%2C%22mw%22%3A1040%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fc%2Fmx5m8pq%2Fmaid-vip%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22snap_rtb_3_var%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211021-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
57e10b88fa4f87e1d34975f93d17ad63362f4743ceb75d384c4fdecd2e98e6be

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
383
date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
server
nginx
x-timer
S1635002942.093370,VS0,VE383
x-served-by
cache-fra19149-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.manta.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
AGSKWxXpBFmb6No1SVtCDjZzBLJN-HbKQYBkh2zZCRjf6DpeyiJRZ3CmJZuf4_38BcM1D3J47IVi-LJcxMMW17jekLM=
fundingchoicesmessages.google.com/el/
0
868 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXpBFmb6No1SVtCDjZzBLJN-HbKQYBkh2zZCRjf6DpeyiJRZ3CmJZuf4_38BcM1D3J47IVi-LJcxMMW17jekLM=?pvid=E3651036-A0C8-4F96-8172-36FDC5FD3906&anonid=BBDC51C2-02CF-4972-844D-415318DC0676
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nh32gIB9bGc.es5.O/d=1/rs=AJlcJMx731qpX3HslPduIZ-bycvFUSTllw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UQNPJEizMxPLo9ScwsgZVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-UQNPJEizMxPLo9ScwsgZVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UQNPJEizMxPLo9ScwsgZVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-UQNPJEizMxPLo9ScwsgZVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXpBFmb6No1SVtCDjZzBLJN-HbKQYBkh2zZCRjf6DpeyiJRZ3CmJZuf4_38BcM1D3J47IVi-LJcxMMW17jekLM=
fundingchoicesmessages.google.com/el/
0
364 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXpBFmb6No1SVtCDjZzBLJN-HbKQYBkh2zZCRjf6DpeyiJRZ3CmJZuf4_38BcM1D3J47IVi-LJcxMMW17jekLM=?pvid=E3651036-A0C8-4F96-8172-36FDC5FD3906&anonid=BBDC51C2-02CF-4972-844D-415318DC0676
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nh32gIB9bGc.es5.O/d=1/rs=AJlcJMx731qpX3HslPduIZ-bycvFUSTllw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nMQ69GxOub0XYWYpgSrPVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-nMQ69GxOub0XYWYpgSrPVA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nMQ69GxOub0XYWYpgSrPVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-nMQ69GxOub0XYWYpgSrPVA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
199 B
405 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.manta.com&callback=_gfp_s_&client=ca-pub-5318756859004963
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5318756859004963&plah=www.manta.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
636713c0d4608b0950f3c670ff7168a399b1e8f70b77a12f2a77404c354ac0b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
190
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
716 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.manta.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5318756859004963&plah=www.manta.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
520 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.manta.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5318756859004963&plah=www.manta.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E2CF
87 KB
29 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5318756859004963&plah=www.manta.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71342d6fc47aa0b073257a850b658e9e8174b70c9743c30e7bec0d9842b697f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Oct 2021 15:29:02 GMT
server
cafe
content-length
29408
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 15:44:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sat, 23 Oct 2021 15:29:02 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 9E7C
186 KB
51 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&adk=1812271804&adf=3025194257&lmt=1635002942&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=1&bdt=256&idt=122&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=736x90&nras=1&correlator=5666588945401&frm=20&pv=1&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=198
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5318756859004963&plah=www.manta.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1e473e9f464a7c089378dfe161d379c46654dff3cae46151bef9286a0d0c33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5318756859004963&output=html&adk=1812271804&adf=3025194257&lmt=1635002942&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=1&bdt=256&idt=122&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&prev_fmts=736x90&nras=1&correlator=5666588945401&frm=20&pv=1&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=198
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Oct 2021 15:29:02 GMT
server
cafe
content-length
51525
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 15:44:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sat, 23 Oct 2021 15:29:02 GMT
cache-control
private
AGSKWxWc-4FabSVpFnjJYXUDEIm2WOFHlkeS3y-MNzgfovjOo1VtCR7cA8NUL7M7nXiYwIMM1PK7Oa9OM5-zAPQIsXI=
fundingchoicesmessages.google.com/f/
63 KB
23 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWc-4FabSVpFnjJYXUDEIm2WOFHlkeS3y-MNzgfovjOo1VtCR7cA8NUL7M7nXiYwIMM1PK7Oa9OM5-zAPQIsXI=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM1MDAyOTQyLDEyMzAwMDAwMF0sIkUzNjUxMDM2LUEwQzgtNEY5Ni04MTcyLTM2RkRDNUZEMzkwNiIsIkJCREM1MUMyLTAyQ0YtNDk3Mi04NDRELTQxNTMxOERDMDY3NiIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5tYW50YS5jb20vYy9teDVtOHBxL21haWQtdmlwIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nh32gIB9bGc.es5.O/d=1/rs=AJlcJMx731qpX3HslPduIZ-bycvFUSTllw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc55cc5adddeec6d4d82b6b21a3955dfeef5904dae74b6c5f16403c8161625b4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pMqOk3OWNe8pYWP4+njfQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-pMqOk3OWNe8pYWP4+njfQg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pMqOk3OWNe8pYWP4+njfQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-pMqOk3OWNe8pYWP4+njfQg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
box-d09a446edefba0dcce5d5143e1840e9a.html
vars.hotjar.com/ Frame 14B9
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1528605.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-d09a446edefba0dcce5d5143e1840e9a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

content-type
text/html
content-length
1044
date
Wed, 20 Oct 2021 07:15:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"63e08f928469ab67d9dac30c065ed182"
last-modified
Wed, 20 Oct 2021 07:15:01 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
lPLj6KU_Ejj7qljawJwjA978xZ0VkgBWHHAylsniipu9w_XU00r6cA==
age
288837
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 14:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 23 Oct 2021 15:29:46 GMT
collect
stats.g.doubleclick.net/j/
4 B
412 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-10299948-11&cid=1392064569.1635002942&jid=631146546&uid=NA&gjid=1350844270&_gid=1708298876.1635002942&_u=aGDAgUAjQAAAAE~&z=2057123358
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 23 Oct 2021 15:29:02 GMT
content-type
text/plain
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
117 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1989064066&t=timing&_s=1&dl=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&ul=en-us&de=UTF-8&dt=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=AdSense&utv=undefined&utl=kw%3Acleaning%20services&utt=29&xid=&xvar=-1&_u=aGDAAUAjQAAAAG~&jid=583495728&gjid=836888998&cid=1392064569.1635002942&uid=NA&tid=UA-10299948-11&_gid=1708298876.1635002942&_r=1&gtm=2wgak0R7B4&cd1=no-test&cd2=NA&cd4=2a01%3A4f8%3A150%3A2008%3A36%3A%3A1&cd5=B3&cd6=B32BB&cd7=B32BB1B8&cd9=Consumer%20Services&cd10=Repair%20Shops&cd11=Cleaning%20Services&cd12=United%20States&cd13=California&cd14=Thousand%20Oaks&cd15=91360&cd16=34.184838%2C-118.86336699999998&cd17=Ventura%2C%20CA&cd18=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&cd19=Sat%20Oct%2023%202021%2015%3A29%3A01%20GMT%2B0000%20(GMT)&cd20=company-claimed&cd23=8963f1fc-452f-4f65-89e1-2bf29c02d973&cd24=no-test&cd25=0195806537&cd26=consumer&cd27=1&cd28=lg-lg&cd39=null&cd40=false&cd41=none&cd55=LM%20%2449%20Price%20Test%20CONTROL&cd56=&cd57=&cd61=&z=753968938
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
192 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=1989064066&t=pageview&_s=1&dl=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&ul=en-us&de=UTF-8&dt=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&xid=&xvar=-1&_u=aGDAgUAjQ~&jid=631146546&gjid=1350844270&cid=1392064569.1635002942&uid=NA&tid=UA-10299948-11&_gid=1708298876.1635002942&gtm=2wgak0R7B4&cd1=no-test&cd2=NA&cd4=2a01%3A4f8%3A150%3A2008%3A36%3A%3A1&cd5=B3&cd6=B32BB&cd7=B32BB1B8&cd9=Consumer%20Services&cd10=Repair%20Shops&cd11=Cleaning%20Services&cd12=United%20States&cd13=California&cd14=Thousand%20Oaks&cd15=91360&cd16=34.184838%2C-118.86336699999998&cd17=Ventura%2C%20CA&cd18=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&cd19=Sat%20Oct%2023%202021%2015%3A29%3A01%20GMT%2B0000%20(GMT)&cd20=company-claimed&cd23=8963f1fc-452f-4f65-89e1-2bf29c02d973&cd24=no-test&cd25=0195806537&cd26=consumer&cd27=1&cd28=lg-lg&cd39=null&cd40=false&cd41=none&cd55=LM%20%2449%20Price%20Test%20CONTROL&cd56=&cd57=&cd61=&z=1935436169
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 03:07:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44481
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=1989064066&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&ul=en-us&de=UTF-8&dt=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adsense&ea=Request%20Adsense&el=kw%3Acleaning%20services&ev=1&xid=&xvar=-1&_u=aGDAgUAjQAAAAE~&jid=&gjid=&cid=1392064569.1635002942&uid=NA&tid=UA-10299948-11&_gid=1708298876.1635002942&gtm=2wgak0R7B4&cd1=no-test&cd2=NA&cd4=2a01%3A4f8%3A150%3A2008%3A36%3A%3A1&cd5=B3&cd6=B32BB&cd7=B32BB1B8&cd9=Consumer%20Services&cd10=Repair%20Shops&cd11=Cleaning%20Services&cd12=United%20States&cd13=California&cd14=Thousand%20Oaks&cd15=91360&cd16=34.184838%2C-118.86336699999998&cd17=Ventura%2C%20CA&cd18=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&cd19=Sat%20Oct%2023%202021%2015%3A29%3A01%20GMT%2B0000%20(GMT)&cd20=company-claimed&cd23=8963f1fc-452f-4f65-89e1-2bf29c02d973&cd24=no-test&cd25=0195806537&cd26=consumer&cd27=1&cd28=lg-lg&cd39=null&cd40=false&cd41=none&cd55=LM%20%2449%20Price%20Test%20CONTROL&cd56=&cd57=&cd61=&z=1886278346
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 03:07:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44481
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=1989064066&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&ul=en-us&de=UTF-8&dt=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adsense&ea=Display%20Adsense&el=%5Bunspecified%2Fbehavioral%5D%20adTitle%3Aundefined&ev=29&xid=&xvar=-1&_u=aGDAgUAjQAAAAG~&jid=&gjid=&cid=1392064569.1635002942&uid=NA&tid=UA-10299948-11&_gid=1708298876.1635002942&gtm=2wgak0R7B4&cd1=no-test&cd2=NA&cd4=2a01%3A4f8%3A150%3A2008%3A36%3A%3A1&cd5=B3&cd6=B32BB&cd7=B32BB1B8&cd9=Consumer%20Services&cd10=Repair%20Shops&cd11=Cleaning%20Services&cd12=United%20States&cd13=California&cd14=Thousand%20Oaks&cd15=91360&cd16=34.184838%2C-118.86336699999998&cd17=Ventura%2C%20CA&cd18=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&cd19=Sat%20Oct%2023%202021%2015%3A29%3A01%20GMT%2B0000%20(GMT)&cd20=company-claimed&cd23=8963f1fc-452f-4f65-89e1-2bf29c02d973&cd24=no-test&cd25=0195806537&cd26=consumer&cd27=1&cd28=lg-lg&cd39=null&cd40=false&cd41=none&cd55=LM%20%2449%20Price%20Test%20CONTROL&cd56=&cd57=&cd61=&z=684402995
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 03:07:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44481
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
10 KB
4 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R7B4&l=gtmDataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 22:23:11 GMT
server
Apache
etag
"2988-5b94848b276f9-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
3813
expires
Sat, 23 Oct 2021 15:44:02 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-10299948-11&cid=1392064569.1635002942&jid=583495728&uid=NA&gjid=836888998&_gid=1708298876.1635002942&_u=aGDAAUAjQAAAAG~&z=1928862915
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 23 Oct 2021 15:29:02 GMT
content-type
text/plain
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-10299948-11&cid=1392064569.1635002942&jid=631146546&_u=aGDAgUAjQAAAAE~&z=1074709460
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-10299948-11&cid=1392064569.1635002942&jid=631146546&_u=aGDAgUAjQAAAAE~&z=1074709460
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
293 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-10299948-11&cid=1392064569.1635002942&jid=583495728&_u=aGDAAUAjQAAAAG~&z=815902183
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
472 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-10299948-11&cid=1392064569.1635002942&jid=583495728&_u=aGDAAUAjQAAAAG~&z=815902183
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
19 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211021-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6843ebbc25aab2ea0a89c3941516fe680ef1c8e24f0cc679cfded40613fac3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
EXXeY0x5KsfcYGZ_pU0T0nnlw5SBMrLo
content-encoding
gzip
etag
"710c3d899a609dd58f4c5ec9617e7b53"
age
16555
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5995
x-amz-id-2
Q+Zh2dJ2v3Ar81Pq6q403ueFczvs7qhGGdRczrTVne46L0iFzke/g+QYGVTGanga9C32soAy7Qk=
x-served-by
cache-fra19149-FRA
last-modified
Tue, 05 Oct 2021 10:52:45 GMT
server
AmazonS3
x-timer
S1635002942.490357,VS0,VE0
date
Sat, 23 Oct 2021 15:29:02 GMT
vary
Accept-Encoding
x-amz-request-id
MV865EZ7HGFZC99Z
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
57
x-cache-hits
95886
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
2 KB
933 B
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211021-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xNHw6tYbIMmRvQuUVymAr__rbKgbLLLL
content-encoding
gzip
etag
"978cfe7fd9cd031786ca00806b338a40"
age
16559
x-cache
HIT
x-amz-replication-status
PENDING
content-length
714
x-amz-id-2
sKK0KG3hL465MzjKb4OjlkBvKS8cNhm1KbNUDIByskxPrzh4+gt2ykbZgqDbkP1xQue6zlAQ+4c=
x-served-by
cache-fra19149-FRA
last-modified
Tue, 05 Oct 2021 10:52:45 GMT
server
AmazonS3
x-timer
S1635002942.490683,VS0,VE0
date
Sat, 23 Oct 2021 15:29:02 GMT
vary
Accept-Encoding
x-amz-request-id
7867YK4FAP67BPYV
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
57
x-cache-hits
94049
tfa-eid.20211021-3-RELEASE.es6.js
cdn.taboola.com/libtrc/
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211021-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mantamedia-manta/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdbaeedebe9b302de679c353f13864675d065cf77110db1bdc6bc1956f07dce1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
SaFhGvrt0PaiPOk9OLwCrKn1t8hHLpzC
content-encoding
gzip
etag
"0d184952121f829dab0949ef61f7a6da"
age
16
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5060
x-amz-id-2
NLIcBhK/Ql/1u0R6rxkwo4e6k7Bq/5JrVz2KyIcs8DPnioOvnm2lujirEclizN8voThgGyTma80=
x-served-by
cache-fra19149-FRA
last-modified
Thu, 21 Oct 2021 09:01:18 GMT
server
AmazonS3
x-timer
S1635002942.492042,VS0,VE0
date
Sat, 23 Oct 2021 15:29:02 GMT
vary
Accept-Encoding
x-amz-request-id
F0PSQ391T6NTVJ0B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
66
sha256.20211021-3-RELEASE.es6.js
cdn.taboola.com/libtrc/
6 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/sha256.20211021-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mantamedia-manta/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
809cdf7527a10f43477aa400ade06858914cfcc1a7cd306e955c4666923bf290

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6OwOWzhF4k2j_SFjpqXbUfZdXgxUNaaO
content-encoding
gzip
etag
"f387cf39f40848f495565e018ed82802"
age
63
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
8wvAKC7FdIaYHiGS2wbhbbZ94tPRH2q2af1E3NxjPh/ZMIvwt2vcrdYhLKcMIlMsNwsBcP37vTE=
x-served-by
cache-fra19149-FRA
last-modified
Thu, 21 Oct 2021 09:02:18 GMT
server
AmazonS3
x-timer
S1635002942.492129,VS0,VE0
date
Sat, 23 Oct 2021 15:29:02 GMT
vary
Accept-Encoding
x-amz-request-id
5243E6D0XXCFVVNM
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
258
tb
15.taboola.com/
35 KB
10 KB
XHR
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=mantamedia-manta&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&encoded=1&uid=5d876040-94b1-49db-979b-5f9826d7c162-tuct86dafbe&variant=0|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1635002942492&tagid=&cntry=DE&platform=1&sesid=31fb0669306b59164713506ce3aae9d9&itemid=/c/mx5m8pq/maid-vip&viewid=1635002942080&geolat=&geoing=&deviceifa=&appid=&sd=v2_31fb0669306b59164713506ce3aae9d9_5d876040-94b1-49db-979b-5f9826d7c162-tuct86dafbe_1635002942_1635002942_CNawjgYQhZhOGICFlO7KLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGixr-m1yv33zq0BcAA&ri=50ac750c3ab2d898285c4f3192f0fa1e&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1281029&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=HE&hasGDPRConsent=true&tcfVersion=2&cmpStatus=&tnetid=1281023&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211021-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eee86b8fc9dd05c7408673bc9f2bc1fafc2672540fc80a693b0e68847baac113

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
access-control-allow-origin
https://www.manta.com
machineid
1447
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra19149-FRA
pragma
no-cache
server
nginx
x-timer
S1635002942.496506,VS0,VE318
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20211021-3-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20211021-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mantamedia-manta/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6772e8917ee4fb1d8130c2c1ba4fc3105a6b24e2b240d6d71f2fde2a46d63358

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
bdJVfSbxg6UMRyZGxmpo833oO5kK5Mtp
content-encoding
gzip
etag
"3a52759f0ebceeef3a6e1114fd3fd3df"
age
19
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1261
x-amz-id-2
UP6tL3I6MjvLTAgaF5ZPhUN60XlrYuefKbsmfJYfJ+J+KpB81MtsOTg/+pzkPSFtfF3ynwcic4I=
x-served-by
cache-fra19149-FRA
last-modified
Thu, 21 Oct 2021 09:03:22 GMT
server
AmazonS3
x-timer
S1635002943.502551,VS0,VE0
date
Sat, 23 Oct 2021 15:29:02 GMT
vary
Accept-Encoding
x-amz-request-id
R26YZMB9XW1ANPPM
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
58
userx.20211021-3-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20211021-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mantamedia-manta/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48730b0b9f0732c79ead71c8b1ae1586187efd5104460862a9bda97051aeb2fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jYfVgZpnkOMWyMVzV41aIk0vS5W7tX2M
content-encoding
gzip
etag
"91c013a1580b49c178023ed6c1f85e82"
age
8
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5340
x-amz-id-2
blg/ErltIqYRcT4B0mj9rzm8qW7tvFMMYUrOD6rVy41483Uu1Slc5RvR92yN0rMhgt2d1ZMM+1Y=
x-served-by
cache-fra19149-FRA
last-modified
Thu, 21 Oct 2021 09:01:01 GMT
server
AmazonS3
x-timer
S1635002943.510890,VS0,VE0
date
Sat, 23 Oct 2021 15:29:02 GMT
vary
Accept-Encoding
x-amz-request-id
BV4RDN58X7XNENYY
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
8
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
102
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
yeOJJ+tNNdajw4hK3I7/tYpBRq+/TJEGfi4sEZRXOp9UQ3u6dQQzKs083dQVHcAwy/qqwRKPz0M=
x-served-by
cache-fra19149-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1635002943.512011,VS0,VE0
date
Sat, 23 Oct 2021 15:29:02 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
1PW18NSMPYAQGD13
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
57
x-cache-hits
182
moranga.woff2
cc3.manta-r3.com/dist/3d3f4ecd/webfonts/
47 KB
47 KB
Font
General
Full URL
https://cc3.manta-r3.com/dist/3d3f4ecd/webfonts/moranga.woff2
Requested by
Host: cc3.manta-r3.com
URL: https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53fdf5195ba5d75d4d857cd96fa8ffd619a9e6b8f24a5761646cc1863459c056

Request headers

Referer
https://cc3.manta-r3.com/dist/3d3f4ecd/directory/css/app.css
Origin
https://www.manta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:33:39 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
269724
x-cache
Hit from cloudfront
content-length
47765
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 11:08:40 GMT
server
AmazonS3
etag
"a558729cd05e3ce2f11d735119ec32c0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
via
1.1 9905602b8526d2635024f3edbf1df703.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
x-amz-cf-id
9cus_FIV8HD6Bx5TB5CEkyAZ6Zdouz1AkfAZJm2ZGRBr4EvgnGpw0w==
debug
am-trc-events.taboola.com/mantamedia-manta/log/2/
0
90 B
Image
General
Full URL
https://am-trc-events.taboola.com/mantamedia-manta/log/2/debug?tim=15%3A29%3A02.502&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=622&cv=20211021-3-RELEASE&lt=snap_rtb_3_var&uuid=de59144bac592044d7c9f5fee7f9f52f5cbfdd069bd2573f909a610d0bd591bf&dcc=1&pct=1
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
10542
debug
am-trc-events.taboola.com/mantamedia-manta/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/mantamedia-manta/log/2/debug?tim=15%3A29%3A02.503&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=7462&cv=20211021-3-RELEASE&lt=snap_rtb_3_var&uuid=de59144bac592044d7c9f5fee7f9f52f5cbfdd069bd2573f909a610d0bd591bf&dcc=2&pct=1
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
10542
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/
143 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5318756859004963&plah=www.manta.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c875f6a7bff9518cf1bc31419712e409d77bc83963de338fb0b0a2da2d5fda7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
52655
x-xss-protection
0
server
cafe
etag
7386385034072248466
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 15:29:02 GMT
css
fonts.googleapis.com/ Frame E2CF
3 KB
676 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 14:25:55 GMT
server
ESF
date
Sat, 23 Oct 2021 15:29:02 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 15:29:02 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame E2CF
2 KB
991 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 15:21:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame E2CF
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 15:27:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame E2CF
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 15:22:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2CF
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 15:29:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame E2CF
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 15:14:24 GMT
fc4a425cba241d0dce431f7f76e62919.js
www.gstatic.com/mysidia/ Frame E2CF
27 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11259
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 09:43:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 19 Jan 2022 22:59:03 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E2CF
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUDjhPip0YbTeCIqG1fAP5uGvyAaWjffVZbXfzqfFDtuG9f0IEAEgzrKSA2CV-vCBjAegAYfGttADyAEJqQLc2A5wtYmzPqgDAcgDywSqBNoBT9D6Sqls6EUoGE31bJZ0KuuafHPUe3vms-wfXzt8-sPn_BZBHAAJS5WWgI12bODffCKrUByVntSaPzfxNH9-xsSHAr08FkMUpaZZ76l8igC8wsESo7ZknqI--Z-1lZyxaQWHGfj2odMnN2rFqBzhSk1qi56JBm10C_6NsY_MXiVWCrgOv_omS6V6kgvv77NKqZ7U7oIG-dXGzr_89MmeaflOQ8UxjqDOfooCjhEnqFwgDdoKyVEi2ETX7gONixRt-Z8zyYAInCk2w52B7num0sN9kL3qXCrI9yPABOrlhKjkA6AGLoAH4bnJL6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQ4sZC0ggJCIDhgHAQARhfgAoByAsBuBOIJ9gTA9AVAYAXAbIXHAoaCAASFHB1Yi01MzE4NzU2ODU5MDA0OTYzGAA&sigh=35XpCZXHqjI&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 23 Oct 2021 15:29:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 23 Oct 2021 15:29:02 GMT
truncated
/ Frame E2CF
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
downsize_200k_v1
tpc.googlesyndication.com/simgad/12935205807468927938/ Frame E2CF
5 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12935205807468927938/downsize_200k_v1?w=195&h=102
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
152fdbc070919d427dd79b02fe9a72fcfeede053ec38c2f882cc1b78420bcc56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 23:12:25 GMT
x-content-type-options
nosniff
age
144997
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5411
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 14:49:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 23:12:25 GMT
truncated
/ Frame E2CF
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a623f9daecf93d059eeca5c509c612c5a761b9f9eca686102a24ef4d95dd5e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.5.1/
98 KB
28 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/3.5.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211021-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
134c91956455eb241d286787dda06c5fd8bcdcba4af2b2074afb40c70d15e043

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront), 1.1 varnish
age
227761
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
28627
x-served-by
cache-fra19149-FRA
last-modified
Thu, 23 Sep 2021 05:31:45 GMT
server
AmazonS3
x-timer
S1635002943.855411,VS0,VE0
etag
"5c57b0029cd478a3ea52a16ba941b64e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
K2K0L2y_c1kF6JGaVE4E3QIifTP9JH-m9XNh3hWeMfkuxK206JKbIg==
x-cache-hits
9176
debug
am-trc-events.taboola.com/mantamedia-manta/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/mantamedia-manta/log/2/debug?tim=15%3A29%3A02.851&type=warn&msg=video%20debug%3A%20Response%20videoCallbackData%20text%20is%20not%20empty%20&llvl=2&id=7747&cv=20211021-3-RELEASE&lt=snap_rtb_3_var&uuid=de59144bac592044d7c9f5fee7f9f52f5cbfdd069bd2573f909a610d0bd591bf&dcc=3&pct=1
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
10814
adbebi_
fundingchoicesmessages.google.com/f/AGSKWxUK97xc4ItmuTJMA-rVNY55ESli6JcmaaAQuZxssNGs5D2APFuD7TZ_WYtRU1v41VKNy3ub1JxFbtV59oYjvi6ds5qMAOPiM6bujFnvXnRVkrMFqtu9KkLDf3c1ARXxOmXe28ZxXNNojtQn6_LzqC7xa1be_...
54 B
464 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUK97xc4ItmuTJMA-rVNY55ESli6JcmaaAQuZxssNGs5D2APFuD7TZ_WYtRU1v41VKNy3ub1JxFbtV59oYjvi6ds5qMAOPiM6bujFnvXnRVkrMFqtu9KkLDf3c1ARXxOmXe28ZxXNNojtQn6_LzqC7xa1be_LqRsbJxsMyptGMTy6SWiEO0EO_I-CLLAI41CoizwODHeQWUOfX5h35R6BBomBAZflIndde7WT_1OtBzvfA=/_/adscdn..trtbl:-abp-has(.warnIp)/msgads./ad-iframe./adbebi_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Pzkn6oUlWAg.es5.O/d=1/rs=AJlcJMz6lYLs0-zxiv9w7zuX6e0kLl7UtA/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2e673f2dfea57534b1541982bab04367f441a606b94b419e2f2355d816af16
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/sGIXaOuzu4nnNmsrBtMzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-/sGIXaOuzu4nnNmsrBtMzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-/sGIXaOuzu4nnNmsrBtMzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-/sGIXaOuzu4nnNmsrBtMzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
192 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Pzkn6oUlWAg.es5.O/d=1/rs=AJlcJMz6lYLs0-zxiv9w7zuX6e0kLl7UtA/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 03:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43003
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
67
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 03:32:19 GMT
AGSKWxWdbo2yFyjAyIEAV9VWhe_5VYqtVe9bxygI04jU5qK-nyzmsJvt35yp3f0dTm7zXNbWhxg8YzZJzo917987dgNeSC3WU_7On736BJVVEphgXnWA7FZM8k2o7at1kFygxoNrV89TMdn_UMBckhSmHi75R9cDgik_053ki5zd4hTAMN6damQGRSxcOks3
fundingchoicesmessages.google.com/el/
0
528 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWdbo2yFyjAyIEAV9VWhe_5VYqtVe9bxygI04jU5qK-nyzmsJvt35yp3f0dTm7zXNbWhxg8YzZJzo917987dgNeSC3WU_7On736BJVVEphgXnWA7FZM8k2o7at1kFygxoNrV89TMdn_UMBckhSmHi75R9cDgik_053ki5zd4hTAMN6damQGRSxcOks3
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Pzkn6oUlWAg.es5.O/d=1/rs=AJlcJMz6lYLs0-zxiv9w7zuX6e0kLl7UtA/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gdbweGBNjoCCai8R7arAWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-gdbweGBNjoCCai8R7arAWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-gdbweGBNjoCCai8R7arAWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-gdbweGBNjoCCai8R7arAWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
41 KB
15 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 22:23:11 GMT
server
Apache
etag
"a253-5b94848b276f1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
14886
expires
Sat, 23 Oct 2021 15:44:02 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame E2CF
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:15:39 GMT
x-content-type-options
nosniff
age
220403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 02:15:39 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame E2CF
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:21:26 GMT
x-content-type-options
nosniff
age
421656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 18 Oct 2022 18:21:26 GMT
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame C4B8
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
59426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
AGSKWxWdbo2yFyjAyIEAV9VWhe_5VYqtVe9bxygI04jU5qK-nyzmsJvt35yp3f0dTm7zXNbWhxg8YzZJzo917987dgNeSC3WU_7On736BJVVEphgXnWA7FZM8k2o7at1kFygxoNrV89TMdn_UMBckhSmHi75R9cDgik_053ki5zd4hTAMN6damQGRSxcOks3
fundingchoicesmessages.google.com/el/
0
364 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWdbo2yFyjAyIEAV9VWhe_5VYqtVe9bxygI04jU5qK-nyzmsJvt35yp3f0dTm7zXNbWhxg8YzZJzo917987dgNeSC3WU_7On736BJVVEphgXnWA7FZM8k2o7at1kFygxoNrV89TMdn_UMBckhSmHi75R9cDgik_053ki5zd4hTAMN6damQGRSxcOks3
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Pzkn6oUlWAg.es5.O/d=1/rs=AJlcJMz6lYLs0-zxiv9w7zuX6e0kLl7UtA/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ilBtXyrxudMBmtRmrx+gKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ilBtXyrxudMBmtRmrx+gKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ilBtXyrxudMBmtRmrx+gKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ilBtXyrxudMBmtRmrx+gKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWdbo2yFyjAyIEAV9VWhe_5VYqtVe9bxygI04jU5qK-nyzmsJvt35yp3f0dTm7zXNbWhxg8YzZJzo917987dgNeSC3WU_7On736BJVVEphgXnWA7FZM8k2o7at1kFygxoNrV89TMdn_UMBckhSmHi75R9cDgik_053ki5zd4hTAMN6damQGRSxcOks3
fundingchoicesmessages.google.com/el/
0
364 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWdbo2yFyjAyIEAV9VWhe_5VYqtVe9bxygI04jU5qK-nyzmsJvt35yp3f0dTm7zXNbWhxg8YzZJzo917987dgNeSC3WU_7On736BJVVEphgXnWA7FZM8k2o7at1kFygxoNrV89TMdn_UMBckhSmHi75R9cDgik_053ki5zd4hTAMN6damQGRSxcOks3
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Pzkn6oUlWAg.es5.O/d=1/rs=AJlcJMz6lYLs0-zxiv9w7zuX6e0kLl7UtA/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-q2CIaDjxqj6Y4Eo5QIuR2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-q2CIaDjxqj6Y4Eo5QIuR2w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-q2CIaDjxqj6Y4Eo5QIuR2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-q2CIaDjxqj6Y4Eo5QIuR2w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUDnKBZgMObIg5kEHEf434-44evLObdXzXtB_ijWhDo1EHEmIaR6IqFvGOjBqqzHrIotOcsiXKyMPRYxC3BDs9LgmxqbrLmdezLvhoPdh5XrtL_C-9m4JYa-RquCbXJ2J3IASdDR0I4bV_oDzrJHA5zjhZRRUrlW7aTmd5tWCFNR1ARkgTa10uYPGCL
fundingchoicesmessages.google.com/f/
42 KB
16 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUDnKBZgMObIg5kEHEf434-44evLObdXzXtB_ijWhDo1EHEmIaR6IqFvGOjBqqzHrIotOcsiXKyMPRYxC3BDs9LgmxqbrLmdezLvhoPdh5XrtL_C-9m4JYa-RquCbXJ2J3IASdDR0I4bV_oDzrJHA5zjhZRRUrlW7aTmd5tWCFNR1ARkgTa10uYPGCL?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM1MDAyOTQyLDkxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL3d3dy5tYW50YS5jb20vYy9teDVtOHBxL21haWQtdmlwIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Pzkn6oUlWAg.es5.O/d=1/rs=AJlcJMz6lYLs0-zxiv9w7zuX6e0kLl7UtA/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b4a1d90593b73f5c051acbdbee4622a97477f3459cb4b68155091500d4067a2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yCh1dBpbcMxwycmMmYJV5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-yCh1dBpbcMxwycmMmYJV5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-yCh1dBpbcMxwycmMmYJV5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-yCh1dBpbcMxwycmMmYJV5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWdbo2yFyjAyIEAV9VWhe_5VYqtVe9bxygI04jU5qK-nyzmsJvt35yp3f0dTm7zXNbWhxg8YzZJzo917987dgNeSC3WU_7On736BJVVEphgXnWA7FZM8k2o7at1kFygxoNrV89TMdn_UMBckhSmHi75R9cDgik_053ki5zd4hTAMN6damQGRSxcOks3
fundingchoicesmessages.google.com/el/
0
363 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWdbo2yFyjAyIEAV9VWhe_5VYqtVe9bxygI04jU5qK-nyzmsJvt35yp3f0dTm7zXNbWhxg8YzZJzo917987dgNeSC3WU_7On736BJVVEphgXnWA7FZM8k2o7at1kFygxoNrV89TMdn_UMBckhSmHi75R9cDgik_053ki5zd4hTAMN6damQGRSxcOks3
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Pzkn6oUlWAg.es5.O/d=1/rs=AJlcJMz6lYLs0-zxiv9w7zuX6e0kLl7UtA/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s3HvMGl7v1Iu8h0+jK1Mpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-s3HvMGl7v1Iu8h0+jK1Mpw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s3HvMGl7v1Iu8h0+jK1Mpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-s3HvMGl7v1Iu8h0+jK1Mpw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
377 B
583 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=234
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2100 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
d92a3e14a3a532db3a1f281339226bab8fc36097e073bc71eb1b125c2c8e00a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.manta.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
377
expires
Sat, 23 Oct 2021 15:59:03 GMT
AGSKWxXHZWH3y83Xvi3eoMEybzNocdpcoFrQKyXtmgJ14gwILrQnZx1aMM0yLwaQEOnCoNQu6aCKoxA970G8ip6_UvlBi0VptjqkcFqUK_CUXV9j9TPgCf94fZLjpFYQMT8rbUHJJcaF2v8V9Gbw3iSdHhzBo12bDS6m27XMmaFrrBwgC7URiPEB016F2CRn
fundingchoicesmessages.google.com/el/
0
362 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXHZWH3y83Xvi3eoMEybzNocdpcoFrQKyXtmgJ14gwILrQnZx1aMM0yLwaQEOnCoNQu6aCKoxA970G8ip6_UvlBi0VptjqkcFqUK_CUXV9j9TPgCf94fZLjpFYQMT8rbUHJJcaF2v8V9Gbw3iSdHhzBo12bDS6m27XMmaFrrBwgC7URiPEB016F2CRn
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.I0FrTO-0Gzg.es5.O/d=1/rs=AJlcJMzHTK17iW9hOKhJybVs_M_jUXlbyA/m=cookie_refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uPaYmBpjUvo8UGeOU1wxFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-uPaYmBpjUvo8UGeOU1wxFA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-uPaYmBpjUvo8UGeOU1wxFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-uPaYmBpjUvo8UGeOU1wxFA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXHZWH3y83Xvi3eoMEybzNocdpcoFrQKyXtmgJ14gwILrQnZx1aMM0yLwaQEOnCoNQu6aCKoxA970G8ip6_UvlBi0VptjqkcFqUK_CUXV9j9TPgCf94fZLjpFYQMT8rbUHJJcaF2v8V9Gbw3iSdHhzBo12bDS6m27XMmaFrrBwgC7URiPEB016F2CRn
fundingchoicesmessages.google.com/el/
0
363 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXHZWH3y83Xvi3eoMEybzNocdpcoFrQKyXtmgJ14gwILrQnZx1aMM0yLwaQEOnCoNQu6aCKoxA970G8ip6_UvlBi0VptjqkcFqUK_CUXV9j9TPgCf94fZLjpFYQMT8rbUHJJcaF2v8V9Gbw3iSdHhzBo12bDS6m27XMmaFrrBwgC7URiPEB016F2CRn
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.I0FrTO-0Gzg.es5.O/d=1/rs=AJlcJMzHTK17iW9hOKhJybVs_M_jUXlbyA/m=cookie_refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mJ9BJKxvpetgBilr4p2NYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mJ9BJKxvpetgBilr4p2NYw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mJ9BJKxvpetgBilr4p2NYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mJ9BJKxvpetgBilr4p2NYw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-1-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:03 GMT
Content-Encoding
gzip
X-Pardot-Route
4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB
4208770abb36eec2b2f3a1c951758cc1
Last-Modified
Fri, 22 Oct 2021 19:38:26 GMT
Server
PardotServer
ETag
"1547-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1950
Expires
Mon, 23 Oct 2023 15:29:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5318756859004963&plah=www.manta.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d6f7e971f7deded9b3c123d9d51fdc973e6729ea8709ea59298740f99c19c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8719
x-xss-protection
0
gdpr-cmp-bootstrap.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/
307 KB
68 KB
Script
General
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
267d1daed09d9ecec5f1e21bb6fe93e6eb9b65a051b7c07e966dfcda10f9e812

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:20:57 GMT
server
Apache
etag
"4ccb2-5cc99935cd436-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
69040
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5318756859004963&plah=www.manta.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 23 Oct 2021 15:29:03 GMT
euconsent
api.conversant.mgr.consensu.org/
105 B
292 B
XHR
General
Full URL
https://api.conversant.mgr.consensu.org/euconsent?configId=10078&cmpVersion=3.5.0&c=55423518101
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
56085db0fc84b660a577ec1ad659dd2708c0ab37edb3ef6b514c9a93c4c92ee5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.manta.com
date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx
vary
Origin
content-type
application/json
st
imprammp.taboola.com/ Frame E9B2
1 KB
664 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66425185&crid=5922285&dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&cmcv=&pix=undefined&cb=1635002943172&uv=3050&tms=1635002943172&abt=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=39A4FCF8E42063651121057962582&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66425185&crid=5922285&dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&cmcv=&pix=undefined&cb=1635002943172&uv=3050&tms=1635002943172&abt=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=39A4FCF8E42063651121057962582&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Sat, 23 Oct 2021 15:29:03 GMT
via
1.1 varnish
x-served-by
cache-fra19149-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1635002943.178901,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame 6E6B
1 KB
1 KB
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 15:29:03 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3404
VideoBidRequestHandlerServlet
wf.taboola.com/
10 KB
6 KB
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5922285&noaop=3&sortOrderType=0&cb=1635002943178&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1283&pt=-210239579&tz=0&viewable=true&ddast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2358715&dpubid=430605&abtst=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.manta.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08fa76d3f76d7b497d34c95506bb22ba7d43bce73c58db0ed7197a0ccc7a4969

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
access-control-allow-origin
https://www.manta.com
machineid
1460
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19149-FRA
pragma
no-cache
server
nginx
x-timer
S1635002943.182426,VS0,VE129
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://vpaid.pubmatic.com>; rel=preconnect,<http://ads.stickyadstv.com>; rel=preconnect,<https://taboola-d.openx.net>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66425185&crid=5922285&dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&cmcv=&pix=31589837&cb=1635002943172&uv=3050&tms=1635002943172&abt=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1635002941044.3!ts:1635002943172&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-length
0
server
nginx
sid2hashes.json
urlbi.com/
2 B
163 B
XHR
General
Full URL
https://urlbi.com/sid2hashes.json
Requested by
Host: urlbi.com
URL: https://urlbi.com/pixel.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.118.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-118-226.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://www.manta.com
date
Sat, 23 Oct 2021 15:29:03 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
2
vary
Origin
content-type
application/json; charset=utf-8
pixel.gif
urlbi.com/
43 B
167 B
Image
General
Full URL
https://urlbi.com/pixel.gif?pid=2442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.118.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-118-226.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
sid2hashes.json
urlbi.com/ Frame
0
0
Preflight
General
Full URL
https://urlbi.com/sid2hashes.json
Protocol
H2
Server
34.224.118.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-118-226.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.manta.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
awselb/2.0
date
Sat, 23 Oct 2021 15:29:03 GMT
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-credentials
true
access-control-allow-origin
https://www.manta.com
vary
Origin, Access-Control-Request-Headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F5F2
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 23 Oct 2021 14:41:26 GMT
expires
Sun, 23 Oct 2022 14:41:26 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2857
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 271F
783 B
960 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c32c59ee0d9771fe7a5437b58d55c11743b4bd480788279fa9ce2397c8d7ec2e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ll6vGdMI8l1Z3j9Gl8E0LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 23 Oct 2021 15:29:03 GMT
date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ll6vGdMI8l1Z3j9Gl8E0LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
generic
match.adsrvr.org/track/cmf/ Frame E9B2
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66425185&crid=5922285&dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&cmcv=&pix=undefined&cb=1635002943172&uv=3050&tms=1635002943172&abt=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=39A4FCF8E42063651121057962582&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame E9B2
43 B
182 B
Image
General
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66425185&crid=5922285&dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&cmcv=&pix=undefined&cb=1635002943172&uv=3050&tms=1635002943172&abt=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=39A4FCF8E42063651121057962582&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:787a:99c3:22c2:11ca Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame E9B2
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f3f4ab02-3415-11ec-b974-169e7f670306&orig=video&us_privacy=1---gdpr=1&
0
230 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f3f4ab02-3415-11ec-b974-169e7f670306&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66425185&crid=5922285&dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&cmcv=&pix=undefined&cb=1635002943172&uv=3050&tms=1635002943172&abt=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=39A4FCF8E42063651121057962582&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14639

Redirect headers

Date
Sat, 23 Oct 2021 15:29:03 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f3f4ab02-3415-11ec-b974-169e7f670306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
6
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame E9B2
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66425185&crid=5922285&dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&cmcv=&pix=undefined&cb=1635002943172&uv=3050&tms=1635002943172&abt=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=39A4FCF8E42063651121057962582&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.176.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-176-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 6E6B
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 6E6B
43 B
183 B
Image
General
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:787a:99c3:22c2:11ca Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6E6B
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f3f4ab02-3415-11ec-b974-169e7f670306&orig=video&us_privacy=1---gdpr=1&
0
230 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f3f4ab02-3415-11ec-b974-169e7f670306&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14639

Redirect headers

Date
Sat, 23 Oct 2021 15:29:03 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f3f4ab02-3415-11ec-b974-169e7f670306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
40
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 6E6B
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.176.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-176-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 271F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=2186391683163801&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame F5F2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
59427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
vendor-list.json
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/
291 KB
37 KB
XHR
General
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b517a25ccec5e4ae5dc0a0bd07c0f67bd61e713e2d7a2634d425278d5ce5e3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 16:15:01 GMT
server
Apache
etag
"48b65-5cedf32559f30-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
37489
event
api.conversant.mgr.consensu.org/gdpr/cmp/
0
119 B
XHR
General
Full URL
https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.manta.com
date
Sat, 23 Oct 2021 15:29:03 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
gdpr-cmp-ui.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/
326 KB
82 KB
Script
General
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6dbfba471ede6d5d286947ae471abb02656ff5cc5f69374dd133ed2ba11e86c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:20:57 GMT
server
Apache
etag
"5169b-5cc99935ce3d4-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
83207
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/30_5_0/infra/
768 KB
131 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/30_5_0/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9abbef161f3a1fe62dc5e5fa181a6a5ac94e6a74a329481c4dd69ffb41223265

Request headers

Referer
https://www.manta.com/
Origin
https://www.manta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
via
1.1 varnish
age
270417
x-amz-meta-mtime
1634732439
x-cache
HIT
x-amz-meta-ctime
1634732440
x-amz-meta-mode
33188
content-encoding
br
content-length
133120
x-amz-id-2
E+dvGoQd73sZqRz7AY5o5JNzjSwn01Gmry5msgQGdncC9IUNeB2NkQOkVJOGJn713AAf0JzGv+k=
x-served-by
cache-fra19163-FRA
accept-ranges
bytes
last-modified
Wed, 20 Oct 2021 12:20:41 GMT
server
AmazonS3-br
x-timer
S1635002943.366215,VS0,VE0
etag
"b93ce3bf5ba2ae2b56e5e0d552204fd0"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
9W08KRQP2K3FZ56T
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
189818
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_5_0/assets/css/
61 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/30_5_0/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9943b8f4183b5d1af6c61041137373b4de761f7ba52fe4ec310d7d576bf3f59f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
via
1.1 varnish
age
270416
x-amz-meta-mtime
1634732457
x-cache
HIT
x-amz-meta-ctime
1634732457
x-amz-meta-mode
33188
content-encoding
br
content-length
8016
x-amz-id-2
3NmeyiQWUMuxlNOXXEg5cp0WR0n0reZ24WUSzBdcX6RuD9brWdOfLYwHGYBelL+oKRt7WGbZ0GM=
x-served-by
cache-fra19149-FRA
accept-ranges
bytes
last-modified
Wed, 20 Oct 2021 12:20:58 GMT
server
AmazonS3-br
x-timer
S1635002943.351999,VS0,VE0
etag
"f6d7e1c5331f7517f4d72f862d1ad27b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
9W079RK2XF19BXGD
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
280490
en.json
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/
4 KB
1 KB
XHR
General
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:20:57 GMT
server
Apache
etag
"f30-5cc99935cff3c-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
1178
event
api.conversant.mgr.consensu.org/gdpr/cmp/
0
118 B
XHR
General
Full URL
https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.manta.com
date
Sat, 23 Oct 2021 15:29:03 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
videoCard.1451368a7b5e945a3252.js
cdn.intergient.com/pageos/1.6.27/
551 B
1000 B
Script
General
Full URL
https://cdn.intergient.com/pageos/1.6.27/videoCard.1451368a7b5e945a3252.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 05:31:52 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117d.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 18:06:15 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634580368/ctime:1634580368/gid:20/gname:staff/md5:bfb44d87e9e552efe6f335d770ab135a/mode:33188/mtime:1634580368/uid:501/uname:thomascreamer
age
35832
etag
"bfb44d87e9e552efe6f335d770ab135a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
551
x-amz-cf-id
KKRjG0jxnCLsHZAdBQWv06oFt-dJSEEjpQ8r2exdErEByY1Hsr23rQ==
batchHandler.292de00282b644b2ec50.js
cdn.intergient.com/pageos/1.6.27/
3 KB
2 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.6.27/batchHandler.292de00282b644b2ec50.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
225a5d44793400c62040e70a55fc77beed0a3cbc0d7ac361abbf4085392b1e20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 01:52:22 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 18:06:10 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634580368/ctime:1634580368/gid:20/gname:staff/md5:de92c4772058b0bc43087610c61d14a5/mode:33188/mtime:1634580368/uid:501/uname:thomascreamer
age
49002
etag
W/"de92c4772058b0bc43087610c61d14a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3bfeb8eb7405a05775de8861a4d117d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
jalY_rl6LWrdkNXA7AghByJpritOIq-SR5oV_x-4qTzm6cTiTT24VQ==
banner.json
config.playwire.com/1024347/v2/websites/72853/
113 KB
6 KB
XHR
General
Full URL
https://config.playwire.com/1024347/v2/websites/72853/banner.json
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:fc00:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
7fdd4e727b0b684b86cc7dab5cf0b35014c7da5c7b08e6270656fc6d49e8442c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 20:31:48 GMT
via
1.1 vegur, 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
server
Cowboy
age
68234
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
DE
x-amz-cf-pop
FRA56-P2
content-encoding
br
x-amz-cf-id
WDNRmgA2SmHs1PTn0rWppVzyka5wvseHmoks2nA61I-_NEXz1zWKSQ==
moatheader.js
z.moatads.com/playwireprebidheader597261727146/
214 KB
75 KB
Script
General
Full URL
https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1e6f4c795337ff4e514d972bcb14e6f717fe96857630799ab895c45d330c67c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
last-modified
Tue, 12 Oct 2021 15:27:19 GMT
server
AmazonS3
x-amz-request-id
5TPFE326ZRTF2EYA
etag
"1df48c0f86be3c3ee937f8e82b9ed036"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=21586
accept-ranges
bytes
content-length
76136
x-amz-id-2
Fqw0ZVGozfgrwt6d6N9sCHibPwVADeDgi3/w+YnUmUVv6R5xSFBhhgoMJjensTD5F95VB1W0r8Q=
usync.html
eus.rubiconproject.com/ Frame 19D8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66425185&crid=5922285&dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&cmcv=&pix=undefined&cb=1635002943172&uv=3050&tms=1635002943172&abt=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=39A4FCF8E42063651121057962582&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://imprammp.taboola.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Oct 2021 15:29:03 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Sat, 23 Oct 2021 15:29:03 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.html
eus.rubiconproject.com/ Frame C1E9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Oct 2021 15:29:03 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Sat, 23 Oct 2021 15:29:03 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
PMS.js
vidstat.taboola.com/PMS/3.2.2/
59 KB
17 KB
Script
General
Full URL
https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront), 1.1 varnish
age
1475141
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
17509
x-served-by
cache-fra19149-FRA
last-modified
Thu, 21 Jan 2021 11:30:56 GMT
server
AmazonS3
x-timer
S1635002944.519710,VS0,VE0
etag
"f237b8d35060f133ac8c595fd1234e1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
JVAUVHZomFBOTYSmiRyONx061K0r8J89HAeMC4sUhok9f7gqiMDPAg==
x-cache-hits
1007800
bulk
trc.taboola.com/mantamedia-manta/log/3/
0
261 B
XHR
General
Full URL
https://trc.taboola.com/mantamedia-manta/log/3/bulk?route=AM%3AAM%3AV&lti=snap_rtb_3_var&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211021-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Sat, 23 Oct 2021 15:29:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1635002944.547160,VS0,VE9
x-served-by
cache-fra19149-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.manta.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
709 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
28226
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by
cache-fra19149-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1635002944.547378,VS0,VE0
date
Sat, 23 Oct 2021 15:29:03 GMT
x-amz-request-id
E8X2YXVA73E9K5Z9
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
12
x-cache-hits
19294
vendors~gdpr.f92225b828d740c7c57f.js
cdn.intergient.com/pageos/1.6.27/
65 KB
16 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.6.27/vendors~gdpr.f92225b828d740c7c57f.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 12:58:26 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 18:06:15 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634580368/ctime:1634580368/gid:20/gname:staff/md5:9b5e3fdd31d877679a5666fe44299ea9/mode:33188/mtime:1634580368/uid:501/uname:thomascreamer
age
9038
etag
W/"9b5e3fdd31d877679a5666fe44299ea9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3bfeb8eb7405a05775de8861a4d117d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
LnUDzgVNL8cn-p5q99z0xmdPPYnEH0BTTz0pAT_6gce4MKzdK34Ttg==
gdpr.b95decdf3fae99b9a6c0.js
cdn.intergient.com/pageos/1.6.27/
8 KB
3 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.6.27/gdpr.b95decdf3fae99b9a6c0.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63de30a657bccde3628bdb506e684eddcff3e21a0969d89b07c1230c3629019e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 00:59:50 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:06:13 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634580368/ctime:1634580368/gid:20/gname:staff/md5:231d2c1af38f5f850b57d2b8067b6bfa/mode:33188/mtime:1634580368/uid:501/uname:thomascreamer
age
52154
etag
W/"231d2c1af38f5f850b57d2b8067b6bfa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3bfeb8eb7405a05775de8861a4d117d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
wqe3yTIbzXeIaFwwA_EVbyVbGMI-Hm2vZ86HUm_ItU25sQ0CgkPdSg==
aws-sdk-kinesis.min.js
cdn.intergient.com/pageos/js/libs/
227 KB
67 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.27/batchHandler.292de00282b644b2ec50.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de7b10eaab1f3ee093d20cc0c5d8c60dfe788b58ac8a4a8ddfe534be975df598

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 00:36:09 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 13:10:54 GMT
server
AmazonS3
age
53575
etag
W/"cc1354171ad23accb0ee3568226633e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 b3bfeb8eb7405a05775de8861a4d117d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
_Y9nexEljumD7iRAnIQGEFL58sAWeMVL1C2KbBrBzmSqqXPHqebx6w==
v2
mb.moatads.com/yi/
254 B
428 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-t6wZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-6aoldYv6BziEcg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&pcode=playwireprebidheader597261727146&callback=MoatNadoAllJsonpRequest_65827439
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.74.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
7fe0088dbc656896706b36a64b5376056ed8648fa64af237d06ffa398b9bd17c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"b20495560414e55a1acfa54a030a7ac31c1358b2"
content-length
254
content-type
text/html; charset=UTF-8
content14_10_18m.js
vidstat.taboola.com/
37 KB
8 KB
Script
General
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age
2793197
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-fra19149-FRA
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1635002944.683933,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Z1AaP1z8XWMbtLqmlcB4G4YTes4X6hGOLI8Z7E1BqJ1mwietJ_cWKQ==
x-cache-hits
1278733
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/
8 KB
2 KB
Script
General
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 varnish
age
2043874
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-fra19149-FRA
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1635002944.686583,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5puIF1VtGsg5AgLD-YhuubmNu7Q6UPt-NFh936bEWE39Q7_EvHV1Mw==
x-cache-hits
875601
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/
571 KB
117 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e0ffd733e8a745676c04d635bc1f36e84bc809cd79113c5001723527597ec04c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
via
1.1 varnish
age
282424
x-amz-meta-mtime
1634720446
x-cache
HIT
x-amz-meta-ctime
1634720459
x-amz-meta-mode
33188
content-encoding
br
content-length
119260
x-amz-id-2
9ng9QD+XwK8kEiqMDnMPOKKTUPJHdai63IylzZYBDsU61la052oMBgWZs2Hpw0Ie5n5Sh+NF9EM=
x-served-by
cache-fra19149-FRA
accept-ranges
bytes
last-modified
Wed, 20 Oct 2021 09:01:00 GMT
server
AmazonS3-br
x-timer
S1635002944.698648,VS0,VE0
etag
"636c2d91c16f13aeb9cce443aee25600"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
K4W297EBV8AB9VZZ
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
313566
sync
am-match.taboola.com/ Frame 87B8
1 KB
1 KB
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_5_0/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
bdcc13c2a0fb02a595f26d25d6ac5057719ce7050ecf985585102390e6fc06d3

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=1c481b1d-912c-4f37-a46c-f7f39673d806-tuct86dafbf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 15:29:03 GMT
content-type
text/html;charset=ISO-8859-1
machineid
9405
analytics
pi.pardot.com/
1 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=4578&account_id=715133&title=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-1-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
d473780efdb44c40fbb286ba919f3c1df180c4e3ac2e738f8f017f1cc2ac03b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:03 GMT
Content-Encoding
gzip
X-Pardot-Route
d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB
4208770abb36eec2b2f3a1c951758cc1
X-Pardot-Rsp
16/62/99
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
550
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
usync.js
eus.rubiconproject.com/ Frame C1E9
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51297
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sun, 24 Oct 2021 05:44:00 GMT
usync.js
eus.rubiconproject.com/ Frame 19D8
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51297
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sun, 24 Oct 2021 05:44:00 GMT
iframe.html
cdn.intergient.com/pageos/1.6.27/iframe/ Frame F46B
542 B
982 B
Document
General
Full URL
https://cdn.intergient.com/pageos/1.6.27/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
577cb73ab9df232d41ffdeeea1d715f5090b9ceb41e77a8ae698d1d9d3f7d099

Request headers

:method
GET
:authority
cdn.intergient.com
:scheme
https
:path
/pageos/1.6.27/iframe/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

content-type
text/html
content-length
542
last-modified
Mon, 18 Oct 2021 18:06:14 GMT
x-amz-meta-s3cmd-attrs
atime:1634580367/ctime:1634580367/gid:20/gname:staff/md5:490ce8e7d77889c4fa2c1daa94f3c188/mode:33188/mtime:1634580367/uid:501/uname:thomascreamer
accept-ranges
bytes
server
AmazonS3
date
Sat, 23 Oct 2021 12:58:30 GMT
etag
"490ce8e7d77889c4fa2c1daa94f3c188"
x-cache
Hit from cloudfront
via
1.1 b3bfeb8eb7405a05775de8861a4d117d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
CEmhQqgm9GuxoEw5eM6yVDCXYktenV78AZdrlHbmC3xQvKXmHqlgaw==
age
51633
vadtag.html
vpaid.pubmatic.com/ads/video/
1 KB
864 B
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&gdpr=1&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88a8bbdba9c7216c9b5176776f6658ffa6cc7adce6922dee216035666102988

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.manta.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
598
expires
Sat, 23 Oct 2021 15:29:03 GMT
7042993
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7042993?_fw_gdpr=1&schain=1.0,1!taboola.com,1281029,1,1556084940&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d7b23eac1123714955459e5013c16a2cd1bcc7357102c034dfa5dc14f309b427

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:03 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.manta.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1174
x-sticky-vk
1635002943866048-331
Expires
Sat, 23 Oct 2021 15:29:03 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://taboola-d.openx.net/v/1.0/av?auid=543846817&gdpr=1&us_privacy=1---
  • https://taboola-d.openx.net/v/1.0/av?cc=1&auid=543846817&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDYxYTAwZDItOGFmMC02ZmZiLTUzMzAtMGM0MTRhNGI3YjI0
0
0

khaos.jpg
token.rubiconproject.com/ Frame 19D8
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame C1E9
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
44de48c0-978a-42ca-8e7d-4d75d7e787b6
https://www.manta.com/
1 KB
0
Media
General
Full URL
blob:https://www.manta.com/44de48c0-978a-42ca-8e7d-4d75d7e787b6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
29342385-6d60-4855-a906-b187890e6218
https://www.manta.com/
1 KB
0
Media
General
Full URL
blob:https://www.manta.com/29342385-6d60-4855-a906-b187890e6218
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
gen_204
pagead2.googlesyndication.com/pagead/
0
119 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=2186391683163801&bg=!qaqlqu7NAAbUs_yW1LM7ACkAdvg8Wi-ZxMk0QsrQ0XIFu_Ur1dU1H4mp_Lp5BBgAIL6uzxRQmEkyNgIAAAE3UgAAAIRoAQeZAnUgpi8vuW4dL1A-Xq5BVbqjDmQErftG4TCW8AmDbmWGuugeAnXPXPrm9CupBZ2X8JwTgc1yDlIot_pe-QHsMvCF592mmNQ0Rlyk0XfvSinKVlHfppSj81kSDsNMI8QWTiZl1trtSxLqwDS_oCWIt3GSZWfLipIyaID5f7KKo6x0cTg08KnojxMdRM3jyvMBSkVOBgg92BPPfJpaOOzsTfP_Xsi91ao9DNdjKqbcqZT-7hZLJ1qzHIwDybrWXBH5pgZ20gIer7k-3v_xsSsNERmm-VOQhJPmKqoF6Al9VNtZrLuDIwiYXlrPUOf-wwmGt80AyITkztlQyET4zHLS4lDxvNYERygWJKvkrhhivFu7NEJnRDENHmQ6mpWfjQU6J_HjGBcsqVTaF5TnccImYMacuEeeA7oVAW5l6GjbDyPUMSdQ71Jfi9EkVlDi_-Ug1QWBwxjDUAMQ5DCcJ9xEAINGxjFzutmaL24Bls_e09QrD0mNf-Jp8VyL1DfAsKZ_Rsj9M-zAjZtbRDtlDZxX3LxjAPk8so5n0ai_uX91_960I3Aj0OO7_Ao7TpI5x1lj7Sz0rZv9xJ_v8Ifzd_YV2H0UNzFMtr5isriHOuGNDxpXd3ZabcBm4SFuGRGn-kOtBQOIFRbDYahsmwQeHw-HrGP9-zfAxw7rFhIUIDoz2I05MI7-IO1kVpefPrMIdrwPp0SDpw2BQz8khMwkYtbwHs0aN0UcZeR6bJw6g1RDWj-SbUYvYM2b46Moxk6r579r7fAH49KaYFk_Gl4UHiuAB9Wjgs4Dz4XhOHbzuwOgkEKP3-vjLwDBGetuPn2g1AEtc3VxyDURXA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame A682
152 KB
36 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&gdpr=1&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
sync
taboola-supply-partners.tremorhub.com/ Frame 87B8
43 B
182 B
Image
General
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:787a:99c3:22c2:11ca Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 87B8
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame 87B8
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.176.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-176-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 3358
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Oct 2021 15:29:03 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Sat, 23 Oct 2021 15:29:03 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cookie set usermatch
ssum.casalemedia.com/ Frame F4AB
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26u...
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr...
2 KB
3 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5516b2176a6921e3f8d1cc48f9acdb1c0c602f5c9505fbd2d3472015e2fb9b4d

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YXQqPw-rXgE1j0e5Y7pouQAA; CMPS=3176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|230|39|64|46|218|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1728
Expires
Sat, 23 Oct 2021 15:29:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Connection
keep-alive
Set-Cookie
CMID=YXQqPw-rXgE1j0e5Y7pouQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 23 Oct 2022 15:29:04 GMT CMPS=3176;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 21 Jan 2022 15:29:04 GMT CMPRO=1171;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 21 Jan 2022 15:29:04 GMT CMRUM3=da61742a402760&f161742a4005a0&4061742a4005a0&2761742a400b40&bf61742a4005a0&2d61742a4005a0&2e61742a4005a0&e661742a402760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 23 Oct 2022 15:29:04 GMT CMST=YXQqQGF0KkAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Oct 2021 15:29:04 GMT

Redirect headers

Server
Apache
Content-Length
428
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 23 Oct 2021 15:29:03 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:03 GMT
Connection
keep-alive
Set-Cookie
CMID=YXQqPw-rXgE1j0e5Y7pouQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 23 Oct 2022 15:29:03 GMT CMPS=3176;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 21 Jan 2022 15:29:03 GMT
iframe.js
cdn.intergient.com/pageos/1.6.27/iframe/ Frame F46B
18 KB
7 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.6.27/iframe/iframe.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.27/iframe/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4132d58313fd8393ef5f1d7c0ae6800bb7e85b92db7e13d560e0a09104998f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.intergient.com/pageos/1.6.27/iframe/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 00:56:10 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 18:06:14 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634580369/ctime:1634580367/gid:20/gname:staff/md5:474cdb5a25f0c72996d6df50cb841ba3/mode:33188/mtime:1634580367/uid:501/uname:thomascreamer
age
52374
etag
W/"474cdb5a25f0c72996d6df50cb841ba3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3bfeb8eb7405a05775de8861a4d117d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
5r76kM1R5LBTkWq8euZ9h2KlsdBbQUE2Hjkt2NgftBxxRLrTye4xOg==
adview
googleads.g.doubleclick.net/pagead/ Frame E2CF
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CW963Pip0YbTeCIqG1fAP5uGvyAaWjffVZbXfzqfFDtuG9f0IEAEgzrKSA2CV-vCBjAegAYfGttADyAEJqQLc2A5wtYmzPqgDAaoE2gFP0PpKqWzoRSgYTfVslnQq65p8c9R7e-az7B9fO3z6w-f8FkEcAAlLlZaAjXZs4N98IqtQHJWe1Jo_N_E0f37GxIcCvTwWQxSlplnvqXyKALzCwRKjtmSeoj75n7WVnLFpBYcZ-Pah0yc3asWoHOFKTWqLnokGbXQL_o2xj8xeJVYKuA6_-iZLpXqSC-_vs0qpntTuggb51cbOv_z0yZ5p-U5DxTGOoM5-igKOESeoXCAN2grJUSLYRNfuA42LFG35nzPJgAicKTbDnYHue6bSw32QvepcKsj3I8AE6uWEqOQDoAYugAfhuckvqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBDixkLSCAkIgOGAcBABGF-ACgHICwG4E4gn2BMD0BUBgBcBshccChoIABIUcHViLTUzMTg3NTY4NTkwMDQ5NjMYAA&sigh=X8MTDgfJRVE&vt=1&template_id=5000&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5318756859004963&output=html&h=90&slotname=5730748454&adk=3226326660&adf=4019810325&pi=t.ma~as.5730748454&w=736&lmt=1635002942&rafmt=12&psa=0&format=736x90&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&flash=0&hints=cleaning%20services&hl=en&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635002941920&bpp=3&bdt=257&idt=91&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&correlator=5666588945401&frm=20&pv=2&ga_vid=1392064569.1635002942&ga_sid=1635002942&ga_hid=1989064066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=280&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750577%2C31060566%2C31062525%2C31063139%2C31062930&oid=2&pvsid=2186391683163801&pem=653&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=sZ71ArPxsR&p=https%3A//www.manta.com&dtd=195
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 23 Oct 2021 15:29:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E2CF
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstY6jtOciIM2a17A9nirDpEiLdooisijfZ9X9IoyCqXdSNyHQoPKBDUq5PHlYik8MWEAH42XC6pwFdTdKWm8TTnUCfbv9o1SQfg6wOkYTnBv-CbXgRy2g&sai=AMfl-YSctvrjRcBxx0QdOwuo7YJzdf4nTWAxb3biB72fI3pi8tDM8Ql8Jew5uij_VBoCpOKKDbwU0IHBX45k&sig=Cg0ArKJSzNFkWknCxsXlEAE&id=lidar2&mcvt=1011&p=0,0,90,736&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3226326660&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&pay=1&rst=1635002942116&rpt=767&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tyche.js
cdn.intergi.com/hera/releases/4.4.20/
1 KB
968 B
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d58e5173aa77594781fbbd9ea267e60cb224b9ed9bf780ee7fbb74af19bc5e5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 02:26:48 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:f7b36fb6bf7f1df9b862fef0f6cecd61/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
46936
etag
W/"f7b36fb6bf7f1df9b862fef0f6cecd61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
rrp9h3UPqyLmT1jxan3.qeosexGA8bHh
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/javascript
x-amz-cf-id
dpVSJwnIlyXZY_hW9b773niPDcdL5delvW5WTJ6bJTqB-vynlk_wNg==
runtime.05de6b0ea45677a1a6c9.js
cdn.intergi.com/hera/releases/4.4.20/
2 KB
2 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/runtime.05de6b0ea45677a1a6c9.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9a71b81af22b4823fda97cdc3d5a5f8f209ff5acb6c6f590a958fc5e7c484da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jzCGoOyBJsrW5_BIklD4Wt08CJHLhnSN
content-encoding
br
last-modified
Wed, 06 Oct 2021 12:05:08 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:80452be1a33fe5e3d9d7ff28d3783f5e/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
53109
etag
W/"80452be1a33fe5e3d9d7ff28d3783f5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
date
Sat, 23 Oct 2021 03:20:38 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
1qmnOjCpvvBZ03K8HljSTEEVjUwzivwhGMXr-7chk_owmI7JyH0q5Q==
npm.core-js.ffb4b0a70697fbafb4fe.js
cdn.intergi.com/hera/releases/4.4.20/vendor/
24 KB
9 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.core-js.ffb4b0a70697fbafb4fe.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 02:29:09 GMT
content-encoding
br
last-modified
Wed, 06 Oct 2021 12:05:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:804f5a4d76247f98873a77739d825de0/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
46795
etag
W/"804f5a4d76247f98873a77739d825de0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
yNwgVZShYf9bdtyCBLLwGGUpO6ELk3JH
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/javascript
x-amz-cf-id
Mi5oue9iaJOmldoAZJiwZ8leakKZYgDhoHKk2-CW4WG7pkDXnVqu_g==
npm.babel.e42d14b31536f4c718ea.js
cdn.intergi.com/hera/releases/4.4.20/vendor/
2 KB
1 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.babel.e42d14b31536f4c718ea.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 03:20:09 GMT
content-encoding
br
last-modified
Wed, 06 Oct 2021 12:05:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:f3bb19c23da5015c288c890ccb181355/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
43735
etag
W/"f3bb19c23da5015c288c890ccb181355"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
3VwFVSasYkf9sUjFHhhXu95Wax5g01hS
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/javascript
x-amz-cf-id
nAr42dUKcQwgy5SJO04eutuGpo-rXZhT-g4xDZMt9Y6uzkxW1L7fnw==
npm.lodash.922cd3f43a34caef1c38.js
cdn.intergi.com/hera/releases/4.4.20/vendor/
3 KB
2 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.lodash.922cd3f43a34caef1c38.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 00:27:00 GMT
content-encoding
br
last-modified
Wed, 06 Oct 2021 12:05:12 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:0c61d46da45d9ab039a485d6e9e04701/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
54124
etag
W/"0c61d46da45d9ab039a485d6e9e04701"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
f5Nau8NwFN7L70FSsYb4JdZzDH0MuFh.
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/javascript
x-amz-cf-id
nySYwFRDdmYSlE8urvrjiR5RqNZRO2WaNbFsvXFkVjRhNjzttggEFQ==
npm.intersection-observer.8aa2efdfa26796cda0fc.js
cdn.intergi.com/hera/releases/4.4.20/vendor/
9 KB
3 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.intersection-observer.8aa2efdfa26796cda0fc.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 01:54:11 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:2be2cdb69171257c85e47d90ae2f6b2f/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
48893
etag
W/"2be2cdb69171257c85e47d90ae2f6b2f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
zsMJ0ng_K9AhI4lddDx3W0LGQd01a1GX
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/javascript
x-amz-cf-id
7X_99MaaqTLVNuSt3cHS9JI9MluG0E0flL7Qj9DBKLZ1LljE4oVSIg==
npm.process.940d3a7ac2b6ed08f335.js
cdn.intergi.com/hera/releases/4.4.20/vendor/
2 KB
1 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.process.940d3a7ac2b6ed08f335.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:26:21 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:12 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:c3f55d7eac6bd8289f3c5184e9fd1118/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
61363
etag
W/"c3f55d7eac6bd8289f3c5184e9fd1118"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
QiLkwJM8fhJodyaJEGupWfVzHKziod_X
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/javascript
x-amz-cf-id
4ggTYOrb-Cu-OKBpZCsOteHzxyqMAh25k0mJPjoXO4MSb9Khde9emw==
npm.webpack.1e0f2b4c3cee24713006.js
cdn.intergi.com/hera/releases/4.4.20/vendor/
231 B
721 B
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.webpack.1e0f2b4c3cee24713006.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
M1THDJyH9Bb7TKXLTtla9v6fPw4G37qE
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 12:05:12 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:436272b3faaa8c97115625bc8504abbf/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
53620
etag
"436272b3faaa8c97115625bc8504abbf"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sat, 23 Oct 2021 13:00:26 GMT
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-length
231
x-amz-cf-id
nH5lahhXfMM2fcsbBfzaXjAK_Zvxva81CZukjEVi2mrTqGMAmbEr6A==
lib-main.aa0becec495b9d9b6de4.js
cdn.intergi.com/hera/releases/4.4.20/lib/
4 KB
3 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/lib/lib-main.aa0becec495b9d9b6de4.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Xs8Bsmy9XR8PXppeSYGxneyTzQbXwZyd
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:07 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:4f9983efbe731c3569545c1c49d9a965/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
39165
etag
W/"4f9983efbe731c3569545c1c49d9a965"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
date
Sat, 23 Oct 2021 13:00:09 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
rCwy5E4YPPQ3tAJnHqGYOPvijhZrDAoVVEMhqcrGw7WaqAwlmH9ezA==
main.9f147b17a613af2d3924.js
cdn.intergi.com/hera/releases/4.4.20/
100 KB
30 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/main.9f147b17a613af2d3924.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d16f6f0436e8fdfa3eaa4b572edfe42ac61a514c99a38e502d917ec210982f25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 01:59:15 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:08 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:6192023fa414f78aa7eaef1ec7f84afb/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
48589
etag
W/"6192023fa414f78aa7eaef1ec7f84afb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
ahSiOQ_DBS8C3ojT2HALrnqujD1Zpksm
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/javascript
x-amz-cf-id
87g-M9o2FCzMjhCFJ9ANYhcs60xMDzNxCC_hm46aeBjtlUrpdjHvmQ==
lib.55782284870bfbbd6c84.js
cdn.intergi.com/hera/releases/4.4.20/lib/
138 B
628 B
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/lib/lib.55782284870bfbbd6c84.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Hligg.9HYpu6zfclm.GRZ1tw0hES86hJ
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 12:05:07 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:64d609d6dc753b7c1abf5d5d2b095aa1/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
56287
etag
"64d609d6dc753b7c1abf5d5d2b095aa1"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 22 Oct 2021 23:50:57 GMT
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-length
138
x-amz-cf-id
yCwOF1uN3erp71pAvQNLIWV0YIDXJ1NwhyEJo_fYOEE7YdCprtMx6Q==
showad.js
ads.pubmatic.com/AdServer/js/ Frame DDEE
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=118675
expires
Mon, 25 Oct 2021 00:26:58 GMT
date
Sat, 23 Oct 2021 15:29:03 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame A682
38 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=118674
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Mon, 25 Oct 2021 00:26:58 GMT
usync.js
eus.rubiconproject.com/ Frame 3358
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51297
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sun, 24 Oct 2021 05:44:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 3358
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/main.9f147b17a613af2d3924.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
5fbf9c7a46ce00882e1ac7b069a56d060431343e32a8e7f437ff408a410abe80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1022 / 594 of 1000 / last-modified: 1634854038"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Oct 2021 15:29:03 GMT
prebid.js
cdn.intergi.com/prebid/
521 KB
158 KB
Script
General
Full URL
https://cdn.intergi.com/prebid/prebid.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
476d868bbbd6c429d1a1f05761d74846076e34785a654e882d4dd455ebbf5ad0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
y1v5Vq9p1vfqF6q9AuSZghOUqlzHfxgq
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:46:34 GMT
server
AmazonS3
age
54185
etag
W/"cf54f326a04bf74ee95526597a2efaea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront)
date
Sat, 23 Oct 2021 12:48:31 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
8VRwMkkFjRaoV49HU8m63FYPM9DprD9DzBFyjaPGCxcGceOtkbMfkA==
av
taboola-d.openx.net/v/1.0/
Redirect Chain
  • https://taboola-d.openx.net/v/1.0/av?auid=543846817&gdpr=1&us_privacy=1---
  • https://taboola-d.openx.net/v/1.0/av?cc=1&auid=543846817&gdpr=1&us_privacy=1---
48 B
332 B
XHR
General
Full URL
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=543846817&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.manta.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 23 Oct 2021 15:29:04 GMT
via
1.1 google
server
OXGW/16.217.1
location
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=543846817&gdpr=1&us_privacy=1---
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.manta.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 0AC9
337 KB
114 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
473f9af2c2b3673ff53946714c6fa377298cdfd1b440b76f672d54c47653b9ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1635002944.dop141.fr8.t,1635002944.cds156.fr8.shn,1635002944.cds156.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116229
PugMaster
image6.pubmatic.com/AdServer/ Frame DDEE
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95908637&p=156307&s=747876&a=3120364&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
5eef1afbaca29ad0295ebadbe75430e7ee6ddf76b14ff7c649f9d9de4582703e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ats.js
ats.rlcdn.com/
184 KB
57 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66292d1f2876ac355465cd5ca1562a9b1dc18c2cf0c498c7d5862ab0f22e5d6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9bnkdZ.QZZ0I_dvcV.i.7nS6.mh1GXo3
content-encoding
br
etag
W/"e7cbbf596270d500e1b8c4407933c91a"
age
125109
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:47f2f39e-adb2-473d-bd2d-2589e73b0672
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
5afceba0404268d8179075673482977d
last-modified
Wed, 29 Sep 2021 12:20:21 GMT
server
AmazonS3
date
Sat, 23 Oct 2021 01:14:47 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
e62204c8b13649b2a430d3eb62cf86725da7d2d0db3079f168ca2d40c37e0c7b
via
1.1 54fc556adf6e8c787574c6f132d70179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/x-javascript
x-amz-cf-id
2FjzcOEd1IrXexmvWAvKsjqp_Js5RfNXHxjuf7V7teZz6p6Pj8aZ7g==
apstag.js
c.amazon-adsystem.com/aax2/
133 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/main.9f147b17a613af2d3924.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:27:20 GMT
content-encoding
gzip
age
104
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
0FBZZGT6MG2F1BZ4HKYQ
etag
e2b905aea413c4d7479fb2bb9cbc6c65
vary
Accept-Encoding
x-amz-version-id
zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
1VODv06JnI-UxelCDO2AEl0wk6A3rxNNFSvM5VyE65WM_DcfUq0COg==
analytics
go2.manta.com/
50 B
1 KB
Script
General
Full URL
https://go2.manta.com/analytics?conly=true&visitor_id=591016327&visitor_id_sign=e74428d1735ab9b91fe743d9790241de14ebe60706aa5a352b9f842f4897396fc3d89944880a20b449383f2149ce3e9f39ba37dd&pi_opt_in=&campaign_id=4578&account_id=715133&title=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=4578&account_id=715133&title=Maid%20VIP%20Thousand%20Oaks%20CA%2C%2091360%20%E2%80%93%20Manta.com&url=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&referrer=
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-1-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
X-Pardot-Route
d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB
4208770abb36eec2b2f3a1c951758cc1
X-Pardot-Rsp
16/96/78
Vary
User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
50
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
match
c1.adform.net/serving/cookie/ Frame 0F7D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 15:29:04 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1750532214226875959; expires=Wed, 22 Dec 2021 15:29:04 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sat, 23 Oct 2021 15:29:04 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Tue, 23 Nov 2021 15:29:04 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 0CEF
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7584791455511712389
42 B
210 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7584791455511712389
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7584791455511712389
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=A06FAAE5-0E37-4E40-B89D-2B7A3A319946; chkChromeAb67Sec=1; pi=156307:2; DPSync3=1635033600%3A174%7C1636156800%3A197_219_201; SyncRTB3=1636156800%3A176_189_220_88_7_3_166_204_21_56_165_222_161_230_13_22_71_81_8_55_234_231_54_99%7C1637539200%3A203%7C1635552000%3A2_15_223%7C1635811200%3A63%7C1636243200%3A35; KRTBCOOKIE_80=22987-CAESEA3zfXNUsY2kEB-WS7zD8jQ&KRTB&16514-CAESEA3zfXNUsY2kEB-WS7zD8jQ&KRTB&23025-CAESEA3zfXNUsY2kEB-WS7zD8jQ; PugT=1635002944; PUBMDCID=3; KRTBCOOKIE_409=22966-hUyaRREaeI5M6DMwqim7XshB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 15:29:04 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-7584791455511712389; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 22-Nov-2021 15:29:04 GMT; path=/ PugT=1635002944; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 22-Nov-2021 15:29:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-Jan-2022 15:29:04 GMT; path=/
x-lat
amspug013:0:425
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7584791455511712389
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 6DB0
43 B
334 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sat, 23 Oct 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
348415
Pug
simage2.pubmatic.com/AdServer/ Frame D268
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022284173346601113
42 B
519 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022284173346601113
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022284173346601113
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=A06FAAE5-0E37-4E40-B89D-2B7A3A319946; chkChromeAb67Sec=1; pi=156307:2; DPSync3=1635033600%3A174%7C1636156800%3A197_219_201; SyncRTB3=1636156800%3A176_189_220_88_7_3_166_204_21_56_165_222_161_230_13_22_71_81_8_55_234_231_54_99%7C1637539200%3A203%7C1635552000%3A2_15_223%7C1635811200%3A63%7C1636243200%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 15:29:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7022284173346601113; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 22-Nov-2021 15:29:03 GMT; path=/ PugT=1635002943; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 22-Nov-2021 15:29:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-Jan-2022 15:29:03 GMT; path=/
x-lat
amspug015:0:356
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 23 Oct 2021 15:29:04 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7022284173346601113; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022284173346601113
adx
match.prod.bidr.io/cookie-sync/ Frame A7E4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEdFJrN0M2RlVBQUJ1SXJsT1FmZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.222.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-222-33.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Cookie
bito=AADtRk7C6FUAABuIrlOQfg; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sat, 23 Oct 2021 15:29:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sat, 23 Oct 2021 15:29:04 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
csync.loopme.me/ Frame A63D
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 70E7
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8262805711
  • https://sync.1rx.io/usersync/tradedesk/27a44235-8757-4bf6-a2b4-5d98a0816fca
  • https://sync.targeting.unrulymedia.com/csync/RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003
42 B
307 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=A06FAAE5-0E37-4E40-B89D-2B7A3A319946; chkChromeAb67Sec=1; pi=156307:2; DPSync3=1635033600%3A174%7C1636156800%3A197_219_201; SyncRTB3=1636156800%3A176_189_220_88_7_3_166_204_21_56_165_222_161_230_13_22_71_81_8_55_234_231_54_99%7C1637539200%3A203%7C1635552000%3A2_15_223%7C1635811200%3A63%7C1636243200%3A35; KRTBCOOKIE_80=22987-CAESEA3zfXNUsY2kEB-WS7zD8jQ&KRTB&16514-CAESEA3zfXNUsY2kEB-WS7zD8jQ&KRTB&23025-CAESEA3zfXNUsY2kEB-WS7zD8jQ; PUBMDCID=3; KRTBCOOKIE_409=22966-hUyaRREaeI5M6DMwqim7XshB; KRTBCOOKIE_153=19420-a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ&KRTB&22979-a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ; KRTBCOOKIE_1101=23040-7022284173346601113; KRTBCOOKIE_27=16735-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&16736-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&23019-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&23114-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90; KRTBCOOKIE_377=6810-27a44235-8757-4bf6-a2b4-5d98a0816fca&KRTB&22918-27a44235-8757-4bf6-a2b4-5d98a0816fca&KRTB&23031-27a44235-8757-4bf6-a2b4-5d98a0816fca; KRTBCOOKIE_336=5844-7584791455511712389; KRTBCOOKIE_391=22924-1750532214226875959&KRTB&23263-1750532214226875959; PugT=1635002942
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 15:29:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17107-RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 22-Nov-2021 15:29:03 GMT; path=/ PugT=1635002943; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 22-Nov-2021 15:29:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-Jan-2022 15:29:03 GMT; path=/
x-lat
amspug005:0:684
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sat, 23 Oct 2021 15:29:04 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003%22%7D; path=/; expires=Sun, 23 Oct 2022 15:29:04 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003
etag
RX369473c1894644ee9d2ab53abf4fcb89003
dpe
ad4m.at/ad/ Frame 523B
15 B
915 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a2bffb0bd326927-FRA
Pug
image2.pubmatic.com/AdServer/ Frame 2203
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hUyaRREaeI5M6DMwqim7XshB
42 B
217 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hUyaRREaeI5M6DMwqim7XshB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hUyaRREaeI5M6DMwqim7XshB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=A06FAAE5-0E37-4E40-B89D-2B7A3A319946; chkChromeAb67Sec=1; pi=156307:2; DPSync3=1635033600%3A174%7C1636156800%3A197_219_201; SyncRTB3=1636156800%3A176_189_220_88_7_3_166_204_21_56_165_222_161_230_13_22_71_81_8_55_234_231_54_99%7C1637539200%3A203%7C1635552000%3A2_15_223%7C1635811200%3A63%7C1636243200%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 23 Oct 2021 15:29:04 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-hUyaRREaeI5M6DMwqim7XshB; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 22-Nov-2021 15:29:04 GMT; path=/ PugT=1635002944; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 22-Nov-2021 15:29:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 21-Jan-2022 15:29:04 GMT; path=/
x-lat
amspug0022:0:517
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sat, 23 Oct 2021 15:29:04 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=hUyaRREaeI5M6DMwqim7XshB; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hUyaRREaeI5M6DMwqim7XshB
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame 4441
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 23 Oct 2021 15:29:04 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame A142
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
421 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=aUnoeUON6Jv8ZbUxpaiyyZd3rr3DUUYV5r6Za2pVaj8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a8nseFw5EGjAaINQeEsGxhZboMkSGWZaf7dmZacjcYtSsLW12RZdZbaqpaHAXpFWVZaZdKRCIJX3CNoPsPLU0j8Mjnu; path=/; domain=.tribalfusion.com; expires=Fri, 21-Jan-2022 15:29:04 GMT; SameSite=None; Secure; ANON_ID_old=a8nseFw5EGjAaINQeEsGxhZboMkSGWZaf7dmZacjcYtSsLW12RZdZbaqpaHAXpFWVZaZdKRCIJX3CNoPsPLU0j8Mjnu; path=/; domain=.tribalfusion.com; expires=Fri, 21-Jan-2022 15:29:04 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a2bffb1f9bd704c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 23 Oct 2021 15:29:04 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
2801
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aUnoeUON6Jv8ZbUxpaiyyZd3rr3DUUYV5r6Za2pVaj8; path=/; domain=.tribalfusion.com; expires=Fri, 21-Jan-2022 15:29:04 GMT; SameSite=None; Secure; ANON_ID_old=aUnoeUON6Jv8ZbUxpaiyyZd3rr3DUUYV5r6Za2pVaj8; path=/; domain=.tribalfusion.com; expires=Fri, 21-Jan-2022 15:29:04 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a2bffb0be60704c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame CC3B
0
44 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 Albuquerque, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sat, 23 Oct 2021 15:29:03 GMT
server
c
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 940C
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1c481b1d-912c-4f37-a46c-f7f39673d806-tuct86dafbf&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1c481b1d-912c-4f37-a46c-f7f39673d806-tuct86dafbf&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1c481b1d-912c-4f37-a46c-f7f39673d806-tuct86dafbf&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=1c481b1d-912c-4f37-a46c-f7f39673d806-tuct86dafbf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sat, 23 Oct 2021 15:29:04 GMT
via
1.1 varnish
x-served-by
cache-fra19149-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1635002944.115857,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=1c481b1d-912c-4f37-a46c-f7f39673d806-tuct86dafbf;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 23-Oct-2022 15:29:04 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1c481b1d-912c-4f37-a46c-f7f39673d806-tuct86dafbf&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sat, 23 Oct 2021 15:29:04 GMT
via
1.1 varnish
x-served-by
cache-fra19149-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1635002944.096117,VS0,VE9
x-vcl-time-ms
9
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DDEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oG-q5Q43TkC4nSt6OjGZRg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=53283
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 24 Oct 2021 06:17:07 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=615e6174-2a3f-4e00-94cf-529743b04aa5
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=615e6174-2a3f-4e00-94cf-529743b04aa5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
MT3 4044 0c7f252 master zrh-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=615e6174-2a3f-4e00-94cf-529743b04aa5
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 23 Oct 2021 15:29:03 GMT
/
pixel.onaudience.com/ Frame DDEE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A06FAAE5-0E37-4E40-B89D-2B7A3A319946
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=faaccf1900b60b715a06089827112244
35 B
248 B
Image
General
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=faaccf1900b60b715a06089827112244
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.222.80.231 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-4.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sat, 23 Oct 2021 15:29:04 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=faaccf1900b60b715a06089827112244
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTA2RkFBRTUtMEUzNy00RTQwLUI4OUQtMkI3QTNBMzE5OTQ2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
186 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:398
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA3zfXNUsY2kEB-WS7zD8jQ&google_cver=1
42 B
593 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA3zfXNUsY2kEB-WS7zD8jQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA3zfXNUsY2kEB-WS7zD8jQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame DDEE
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 22 Oct 2021 15:29:04 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&gdpr=0&gdpr_consent=
42 B
497 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0022:0:419
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
MT3 4044 0c7f252 master zrh-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 23 Oct 2021 15:29:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1750532214226875959
42 B
388 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1750532214226875959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:02 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:448
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1750532214226875959
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27a44235-8757-4bf6-a2b4-5d98a0816fca
42 B
294 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27a44235-8757-4bf6-a2b4-5d98a0816fca
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:384
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27a44235-8757-4bf6-a2b4-5d98a0816fca
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4428407269026717231&gdpr=0&gdpr_consent=
42 B
209 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4428407269026717231&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:451
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
X-Proxy-Origin
78.47.208.27; 78.47.208.27; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
90d4bd66-4694-4b3d-982f-7936a77ed437
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4428407269026717231&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ
42 B
348 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:386
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8ZgEccBE2uUxsfTd3ieOkKK_8HTq4Rk-~A&gdpr=0&gdpr_consent=
0
48 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8ZgEccBE2uUxsfTd3ieOkKK_8HTq4Rk-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8ZgEccBE2uUxsfTd3ieOkKK_8HTq4Rk-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
A06FAAE5-0E37-4E40-B89D-2B7A3A319946
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DDEE
43 B
874 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A06FAAE5-0E37-4E40-B89D-2B7A3A319946?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c383:8b40:dc7f:a016 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5daddd8f-0493-48f5-920e-daba1f783b92
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk14f67ea4-b73b-459c-be49-689f91cfe8b0&expires=7&user_group=5&ssp=pubmatic&bsw_param=5daddd8f-0493-48f5-920e-daba1f783b92
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5daddd8f-0493-48f5-920e-daba1f783b92&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5daddd8f-0493-48f5-920e-daba1f783b92&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:428
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5daddd8f-0493-48f5-920e-daba1f783b92&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 23 Oct 2021 15:29:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YXQqQAALVwdiAgAT&gdpr=0&gdpr_consent=&_test=YXQqQAALVwdiAgAT
1 B
256 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YXQqQAALVwdiAgAT&gdpr=0&gdpr_consent=&_test=YXQqQAALVwdiAgAT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:420
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635002944.297495,VS0,VE0
x-served-by
cache-fra19129-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YXQqQAALVwdiAgAT&gdpr=0&gdpr_consent=&_test=YXQqQAALVwdiAgAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame DDEE
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A06FAAE5-0E37-4E40-B89D-2B7A3A319946&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2901899503653063483&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2901899503653063483&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:451
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2901899503653063483&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:727
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:03 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fb4e7658-b58d-4c13-a0f5-e47dcf770467&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fb4e7658-b58d-4c13-a0f5-e47dcf770467&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:364
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fb4e7658-b58d-4c13-a0f5-e47dcf770467&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame DDEE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4428407269026717231
42 B
111 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4428407269026717231
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:291
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
X-Proxy-Origin
78.47.208.27; 78.47.208.27; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fac2ea35-fef1-43fa-9a53-6e438c599e7d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4428407269026717231
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame DDEE
35 B
238 B
Image
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
crum
dsum-sec.casalemedia.com/ Frame F4AB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXQqPw-rXgE1j0e5Y7pouQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFz3kGJfHBTKyPBTUx2zS90&google_cver=1&gdpr=1
43 B
999 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFz3kGJfHBTKyPBTUx2zS90&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Oct 2021 15:29:04 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFz3kGJfHBTKyPBTUx2zS90&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F4AB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXQqPw_rXgE1j0e5Y7pouQAABJMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXQqPw_rXgE1j0e5Y7pouQAABJMAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXQqPw_rXgE1j0e5Y7pouQAABJMAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B4WM1WA8168Q18F32DNE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SDMQEHR9PXQYQQ0ADWKW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXQqPw_rXgE1j0e5Y7pouQAABJMAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame F4AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXQqPw_rXgE1j0e5Y7pouQAABJMAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJobQ6CQhetBwrj_eLFpj5k&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJobQ6CQhetBwrj_eLFpj5k&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 23 Oct 2021 15:29:04 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJobQ6CQhetBwrj_eLFpj5k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F4AB
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame F4AB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1637594944
43 B
982 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1637594944
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 23 Oct 2021 15:29:04 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:03 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1637594944
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
getuid
secure.adnxs.com/ Frame F4AB
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ibs:dpid=23728&dpuuid=YXQqPw-rXgE1j0e5Y7pouQAA%261171
dpm.demdex.net/ Frame F4AB
0
0
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YXQqPw-rXgE1j0e5Y7pouQAA%261171?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-219-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

index
dmp.brand-display.com/cm/api/ Frame F4AB
0
0

/
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame F4AB
0
98 B
Image
General
Full URL
https://sync.taboola.com/sg/casale-network/1/rtb-h/?gdpr=1&taboola_hm=YXQqPw_rXgE1j0e5Y7pouQAABJMAAAIB&orig=video&us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12936
/
geo.privacymanager.io/
30 B
596 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 04:50:00 GMT
via
1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront), 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
age
38344
x-amzn-requestid
fdb7a964-9a82-436a-b63c-5fc7ffbd8163
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61739478-3aed2f881b874f742bc405f8;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA56-P5
x-amz-apigw-id
HpQi0FKDjoEFZKg=
content-length
30
x-amz-cf-id
FbHO61Lioydz5dCdpsZXFm883KWW5WrfsDRZqPFK8PtiaUz8y37nTg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 06:37:14 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
31911
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
via
1.1 51bcd21e941ceaec99864557d86202af.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
content-type
application/javascript
x-amz-cf-id
pnItzR7CCoJX-VOla6LwHKOoc8g227AOfCMH7DUQrjaRq8RkHCENqw==
config
c.amazon-adsystem.com/cdn/prod/
0
303 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:03 GMT
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.manta.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
6jF7_bjUBWi9h8xj0RjU0rLPZqqSyFQS4SDNglElFPZHonae77ChBQ==
bid
c.amazon-adsystem.com/e/dtb/
23 B
491 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&pid=sc04BaMleHVP1&cb=0&ws=1600x1200&v=7.69.01&t=1500&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C6009%2F1024347%2F72853%2F1024347-72853-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C6009%2F1024347%2F72853%2F1024347-72853-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F154013155%2C6009%2F1024347%2F72853%2F1024347-72853-medium_rectangle%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F154013155%2C6009%2F1024347%2F72853%2F1024347-72853-medium_rectangle%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C6009%2F1024347%2F72853%2F1024347-72853-bottom_rail%22%7D%5D&schain=1.0%2C1!playwire.com%2C72853%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdpre=1&gdprc=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
GE4KVVY23G5DCB4N3S2B
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.manta.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
zoF1pw6J0amiX9WbNF_SF6q-Wk3TuLnMrjVPhjTOdMg63o4PdGDwkw==
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 0AC9
25 KB
25 KB
XHR
General
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1635002944162
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:04 GMT
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1635002944.dop222.fr8.t,1635002944.cds131.fr8.shn,1635002944.cds131.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.manta.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/
43 B
394 B
Image
General
Full URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1635002944097057-430
Expires
Sat, 23 Oct 2021 15:29:04 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 0AC9
767 B
1 KB
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7042993&loc=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&gdpr=1&gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eda221e8d68c2c271c55f81b565c3f59a2de7d9bbae6c4f58ba4c2aab9f73d

Request headers

Accept
application/xml, text/xml
Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.manta.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
767
x-sticky-vk
1635002944212048-362
Expires
Sat, 23 Oct 2021 15:29:04 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 0AC9
67 B
718 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7042993&_fw_gdpr=1&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1281029%2C1%2C1556084940&vav=c323793c98256b641e37d3a6d2048047&vaviv=6342819ce741f2351c8c5cbbc4beca27&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.0.2&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.manta.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1635002944169081-421
Expires
Sat, 23 Oct 2021 15:29:04 GMT
user-matching
ads.stickyadstv.com/
43 B
394 B
Image
General
Full URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=1&_fw_gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1635002944200052-400
Expires
Sat, 23 Oct 2021 15:29:04 GMT
user-matching
ads.stickyadstv.com/
43 B
394 B
Image
General
Full URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=1&_fw_gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:04 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1635002944301009-408
Expires
Sat, 23 Oct 2021 15:29:04 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame A682
8 KB
5 KB
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&gdpr=1&us_privacy=1---&gdpr_consent=&cb=1635002943948&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.manta.com%252Fc%252Fmx5m8pq%252Fmaid-vip&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=700&vwndurl=https%253A%252F%252Fwww.manta.com%252Fc%252Fmx5m8pq%252Fmaid-vip&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-10-23%2015:29:4&ranreq=0.05377494338916389&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
64c17babe83d6710b7bf2f3d4eb3ea8c7b77e62f41c5ec924eae4d3a1e482323

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.manta.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
0:16514/243:0
content-type
application/xml; charset=utf-8
cds-pips.js
cdn.taboola.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211021-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
3036
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19149-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1635002944.489948,VS0,VE0
date
Sat, 23 Oct 2021 15:29:04 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
12
x-cache-hits
16979
/
pips.taboola.com/
4 B
121 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19163-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.manta.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=5d876040-94b1-49db-979b-5f9826d7c162-tuct86dafbe
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 23 Oct 2021 15:29:04 GMT
Cache-Control
no-store
Server
nginx
Connection
close
showad.js
ads.pubmatic.com/AdServer/js/ Frame 16FA
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
cookie
KCCH=YES; KADUSERCOOKIE=A06FAAE5-0E37-4E40-B89D-2B7A3A319946; chkChromeAb67Sec=1; pi=156307:2; DPSync3=1635033600%3A174%7C1636156800%3A197_219_201; SyncRTB3=1636156800%3A176_189_220_88_7_3_166_204_21_56_165_222_161_230_13_22_71_81_8_55_234_231_54_99%7C1637539200%3A203%7C1635552000%3A2_15_223%7C1635811200%3A63%7C1636243200%3A35; KRTBCOOKIE_80=22987-CAESEA3zfXNUsY2kEB-WS7zD8jQ&KRTB&16514-CAESEA3zfXNUsY2kEB-WS7zD8jQ&KRTB&23025-CAESEA3zfXNUsY2kEB-WS7zD8jQ; PUBMDCID=3; KRTBCOOKIE_409=22966-hUyaRREaeI5M6DMwqim7XshB; KRTBCOOKIE_153=19420-a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ&KRTB&22979-a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ; KRTBCOOKIE_1101=23040-7022284173346601113; KRTBCOOKIE_27=16735-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&16736-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&23019-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&23114-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90; KRTBCOOKIE_377=6810-27a44235-8757-4bf6-a2b4-5d98a0816fca&KRTB&22918-27a44235-8757-4bf6-a2b4-5d98a0816fca&KRTB&23031-27a44235-8757-4bf6-a2b4-5d98a0816fca; KRTBCOOKIE_336=5844-7584791455511712389; KRTBCOOKIE_391=22924-1750532214226875959&KRTB&23263-1750532214226875959; KRTBCOOKIE_57=22776-4428407269026717231; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_594=17107-RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003; SPugT=1635002943; KRTBCOOKIE_218=4056-YXQqQAALVwdiAgAT&KRTB&22978-YXQqQAALVwdiAgAT&KRTB&23194-YXQqQAALVwdiAgAT&KRTB&23209-YXQqQAALVwdiAgAT; KRTBCOOKIE_22=14911-2901899503653063483; PugT=1635002943; KRTBCOOKIE_466=16530-5daddd8f-0493-48f5-920e-daba1f783b92; pp=156307; _curtime=1635002944; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=118674
expires
Mon, 25 Oct 2021 00:26:58 GMT
date
Sat, 23 Oct 2021 15:29:04 GMT
vary
Accept-Encoding
vast
bid.g.doubleclick.net/dbm/ Frame A682
38 KB
15 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AxE9YjHePgFODPsh1vSoRNjJgpDBLjhzFKzqFKMbag0Xdrk35jQnUhbimHRfr1HWT0GWAp8Judp5bNXNWcsmZO_TGVjw&dbm_d=AKAmf-BPv8V1EWfG4JfaZl6b3w_zYrDnFTgHSrHQDQGixUkO-l3IEJELD59Fs3uhjGAJvI1S_kxiOrpbB6wk_r05aam71weoglywZaOZ4ydSveyqoyMC9C1Zzq6iGkC1r7mf0D00yF7XiXRyYsYBpLkxb_XoSJ9T7PVCX2w0lyMmzVz7GQcHHhePeUAahT1NFc1VNTJVYmuK3kgYRkmseOJQCv5aMOGapiNO3YQsQnBQdKQ2MfzNEXy6msRKGlPWp-IqTWFbfp06mZ2wz81RPgDRf_lnVESEbe2NylGjekeIRJL6MoWJCSsDf-KMajOCXOF-Rei6GUaoI9zhdJd6QB5P2oraYECMKXfZf1MQlOPaSLFFFYWqNQPmOvgCporXXpTNAaNxzMMt6JlF7WDxWw0fOC8mUj16UZTABcMVIfjsWd09709CyDDB2oQoTIam7wXVex3CKvPuFia1nUhxUHmvQGoEJ2NBo_ehM4ZsLZo-az1xKRiLEOjTRW0H5ffUFVzf2IBzEzbyPCt2QhfGKSYt9AZ6uM87OChlLfhmlatbsTXlTBCT04UJKto0QNzRX5b8AtWonqvTG1O8B3xRlx0EOgkeT0qQxqcBja-lGO2r3K54xdoBZVr_wsHSfoxn4e82yVvLLng4WUfUzSSJF8GLQkZUBfPd37LVNBiuIKzaSy6XhS4lENUF5ehdKpJiySWxJpysb2iFnMc94RfhRFvDpSPFeGrqilmJRE3IHUFVyd1tdGuu9xf2kzqfSrXHa3UTtT7RpkUGrqAJbyJx1bGWRmx1bTIB1qVAXWz_FJsxpd03Ru8ak1WP9BB7Po4jcZNOkj2ezhyWF4fCGZBPANcyYLDHH4Z5K72JJPJo1EDEC-1FpS1UBQJK4eYeUOHeoJLCjWS_zxJ5r6gK5vQXTh0GoihWh-gEWZhVjPMl_uoGmWosusijJDSEcz2vjQxbmlNFLaM_qfUNxvWnnB8upGf06rTr5rnQmu7O78ThnQ7Zdl6lpEt7ZVtL8vGP8ALdEXv4ey47Dnj-xTWC_djyxjYQYC7xgth6LM67X426vpgfL8kf9G9muNs0AjxFSivgssqqImZdYZmNpiXiuvG62danfbo0kHJKtOONfWQRMUqhxUgKzu7OYQX6YDspPxq3RtNkv4zJ8xANT1uwDTz7ZGYc6MWoR4uqOAwwjc_F9bZtP5VbxuwZfLpbDakFVwMaMZ2Tp1ACpjWy4hIMFdQOn0h7JwAxLqqp__liG6VQHqHGDARYSA6_Mddlv47mh2frtr3yTCE1bmEHOO1qT6k_wmQwqiCGgJLj5FrqdjEStHHloFxuLlZu02Uqp7jzSwAJIZENc6-fiyDqjxAlcEvwUdBt6TpTNHNmap0is2o9ISgi6340JZxIXJjTNz8Y4IA2nXvIXkhu5Nd7oftrER_W2nbYc7nfBiOQ3XRkJH0jaCIWXfbj2eKr79Ax2kCfsH_Qv_wo43hkhzHm_Q_IYyP6JpgDnd928g19K0XmxKx3mSCRbEwuImpnVVrKO_0Wgn5BQxyyDySQ9I0J7ZAhQ8Js9dsWSrJB7_g_qRZF3sNiWxWDg0KVI-wftDYW-zP5i7p7vrRL-rYFGZ7NPskX8Gao_nRfWeZOKD6nvC9UpW2317e9l_5xi6tkCQ_ipJ5dpj31kmv5BDU6TfDwAoF9G8AWha3boDII6SLszoxX1VjKFMFG1UqjO72ju8S3qcQDcgOqoLrisNcz3Lrq5HJf_nDUK7BVQ6Qumqtgf9SEF4U_frz0gcWqB2EtE9KxLKHtP-cDKamshsCbNVTeowkGJpEv1Z7-gwKkPQ19PPB-XfTMWPTjb9jBRNpV-sZuLB0t_qyqlK3_9fQWtjpEklgFcmF42nKSv1I_NBsmi_kSBWRT_JxF3CN8aEUCdaXwmXoc5HoXRsPYmTyDaCHAYnKiuLL516XhtSGs6qet2HvnJ0R2Da35Q1Lr5zHbeKfA29ssZjqFFrYmGRfSKDztsEA4FHZTnrFHqlcP5o5FP6Y8PtyF8II2bQOS0vIkNkdrZpzxvvJ_zWj18gZ7p43HYwKLr29FFjEsUhmCZMcPSh-b05cXMZnWRoOEgYa21q_d1Pas-PPqQj3OBcpJ70Tf4mIaP_IVqnc8RsZsOM47IWRxS3v3d_zc2UZrexZBBnHcSa4jepDu3oXGpEVLLocjFIi3E08g2ymUQWCeGgFh91kWxYCkPgwAtgvkcEyq1MUfVtj7fpsxJqOUnVuHZGTJsHxccZopeG3LcVVPEwh242QP10XFnjmzPXF2w0q8y7PGk1lAv7Ocl9PlAZBZA3x36c0lHthQekM8-k7f1S47LN9YULZYiaJGj-JxHfyDYJ7RYWdY2_AUMUxNZtemms-aJTQdpi_K17gMuJdnopPv8Y2S5qUOWfM-ltRPb4jx6pxPxeVwMKySGmBx4RNyRgj6wR0y746tPV2o6q545QT3ev6wWL0KTLcclp84joREoHP3JukVze0uYH5qper-jmiA0etnCxwyQ3dqL3fzwlTr37J7elL2e4BFmeMZmJMBPxpvxUD7VMRDOQ_i3hCAMH1TMOAjHB7cpC9W3tCfvOxA7awtVyAzK6wkdK1_TGDr_saIx2cnHS6C-ATxl4e--5vM1CjE4L9JwxViyIrzuEDpP1xeXBXox5dMzNiiw8tswaoZ2n0ESvcuFOw2xFRJdNykNe-7-hUsxxWUS9O1GrcmkYtTFO2FG_HYGjsE4Z_049AyGKvyqQoIp_RysUhbpsTUEditCSKsrcVsaBG2QKM8spzTXu0uXwelTTTd5QWgUM9Hm0vREYaqY7Gnm-LyNW79folzyob8K09FHJ5HKvsf_Je0lWmhaL_5OMfoAXWU3lX9w_t_0gD-hvaTuqUbrOycQ6lKztf1GVY6rMkquMBAwhUMFPW56ZeBHtwY39UMouuZ4wQyABnrPFnl5QR1vpoUSNCPTnGU3TCHKE07bdPai7UFHn7-3Avxlx_6AIniL5ZXZlMC-MMj9GWCTaCpq9f4sDxrUpN_qXL-L8YnBFQryqSfp0xAZHLrxFp9aLO7D_Nsy-DAG3-AuONdq9hHh4VzfJdxO8cmfmCdZeVIPtwpDcrFvXkGVtPRUT6NlurQcK-_GP8cge8l5cMHton_gI6n&cid=CAASEuRo_JjSyR4bn_Gw-KUCCCpdMQ&pr=6:59.900002
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f156.1e100.net
Software
cafe /
Resource Hash
c261d9470a2c7349520df8060808d49a76443415a971f3ef092ea7e6edbc275f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14923
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.manta.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
aktrack.pubmatic.com/ Frame A682
0
0

ImgSync
image8.pubmatic.com/AdServer/ Frame A682
0
0

gen_204
pagead2.googlesyndication.com/pagead/ Frame A682
0
0

track
aktrack.pubmatic.com/
0
61 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156307&s=747876&a=3120364&ts=1635002943&wa=0&e=96&ier=900%20%20&1635002944816
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:04 GMT
content-length
0
content-type
text/html
VideoBidRequestHandlerServlet
wf.taboola.com/
10 KB
6 KB
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5922285&noaop=3&sortOrderType=0&cb=1635002946012&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1283&pt=1786687007&tz=0&viewable=true&ddast=V7Z3YCFgP37bsrDKAQGQT37bsrDKAQGQUAAAAGBvQHHbNckGYcGnFFmgxmm9lqsZgsBqvdcjZZDSdD6JjlgjTj0Igr0mQw28xWi8ViMZxNhrPhbriZwoexXCaDWiBhmf2-g4JyenrMLoOo6Hpb7A6n2fMGFDSdDp_rXq_7_e5qh930sGv8br_Grza-1sbB4692OE1u2dNwBwAAAIAHAK2udogfQACACAAAAAAJAAAAAIqAin8LgQsAAAAADICEsXYNACiOhHu6PBeHyWX3BwDAQwEIAIAABgmAgWRDCcBI_-4JAAAAAAAAAADL____f8xAfWSYzMD9bkgPwIMPwANRwWkRIwAAAACnF-iNo0mdUFlUAQAQpFsBXAEABPC1Fhc0hAEAAAyMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEkrpS0IAK9cLVfQACAtV9AAAA2dQMAeBOAC7oAWF1AzA4AAADg7v___18PZBYzi2E2W24Gs4lruZiNdovNajDbuDwLh8s5cm5PP1_BNS2HXqMvRFhmv--goJyeHrPLICq63ha7w2n2HMQHDcNyMgjmN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgaGXezwWiwVo4mjrVoObK4lbvlxK2aOYeT2ci3ccwma9HrYzrORg6bxeVFwYCSvQgu0onaYTc93C6T0-FWO-ymh0Us0Zws0onssu8sZhbDbLbcDGYT13IxG-0Wm9VgtnF5Fg6Xc-Tct0bG3WwwGqyVo4ljLVqOLG7lbjlxq2bO4WQ28m0cs8la9PqYjrORw2Zx-RuzzWowmCxHk31jtlkNBpPlaLLv0Bm-q8_ZKFqLfh6TQyP7eVsy80HhMli8P4lpMe3ODqKT7-gUOpzLos7ou3WPXoPCc_CYxstb7VjePpvp4zDhOBgUsURwukgnopfxdBFLJE-LdKIaLDy-1WDjWVgsI-NyOBmuNqaZZ7GczAwzh2NlEUuUpot0otf41cbX2jh4_NUOp8ktexou6j8y3HAu2s0lg-FcslslAAAAAAAAAIAlzJk3AQAAADgNaDOYDVbLBZhgLND9ITziRWD5VT-GaIfd9HC7TE6HW-2wmx5WBphY_Gfe7Jkg1mq1rAEAAASwAQAAArh18xZAFsUBAAAEyAE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2358715&dpubid=430605&abtst=adh5c-1_vA!lotc_vC!rvf1_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.manta.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7dfb3d6775182565f635f17c15c75e8bf6c78eaa8f41b0c33586a299e9e5b66

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Sat, 23 Oct 2021 15:29:06 GMT
content-encoding
gzip
access-control-allow-origin
https://www.manta.com
machineid
1437
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19149-FRA
pragma
no-cache
server
nginx
x-timer
S1635002946.017797,VS0,VE100
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://vpaid.pubmatic.com>; rel=preconnect,<https://taboola-d.openx.net>; rel=preconnect,<http://ads.stickyadstv.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/
1 KB
864 B
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&gdpr=1&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
638d1d080d0084a936151c9ce86a699f7f94cbb4e9eaa48c90fcd71a7d6dcc80

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:06 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.manta.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
598
expires
Sat, 23 Oct 2021 15:29:06 GMT
av
taboola-d.openx.net/v/1.0/
48 B
250 B
XHR
General
Full URL
https://taboola-d.openx.net/v/1.0/av?auid=543846817&gdpr=1&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 15:29:06 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.manta.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
7042993
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7042993?_fw_gdpr=1&schain=1.0,1!taboola.com,1281029,1,1556084971&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0758efdde70970ea59c907219d1b40bc451cea8f930527169aaf79a189a7821a

Request headers

Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:06 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.manta.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1174
x-sticky-vk
1635002946148003-406
Expires
Sat, 23 Oct 2021 15:29:06 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 4EA2
337 KB
114 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
473f9af2c2b3673ff53946714c6fa377298cdfd1b440b76f672d54c47653b9ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1635002944.dop141.fr8.t,1635002946.cds156.fr8.shn,1635002946.cds156.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116229
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 4A3A
152 KB
36 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&gdpr=1&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.8.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:06 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 4EA2
25 KB
25 KB
XHR
General
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1635002946260
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 15:29:06 GMT
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1635002944.dop222.fr8.t,1635002946.cds131.fr8.shn,1635002946.cds131.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.manta.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 4EA2
0
0

auto-user-sync
ads.stickyadstv.com/
43 B
394 B
Image
General
Full URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:06 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1635002946218026-404
Expires
Sat, 23 Oct 2021 15:29:06 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 4EA2
767 B
1 KB
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7042993&loc=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&gdpr=1&gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eda221e8d68c2c271c55f81b565c3f59a2de7d9bbae6c4f58ba4c2aab9f73d

Request headers

Accept
application/xml, text/xml
Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:06 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.manta.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
767
x-sticky-vk
1635002946164078-338
Expires
Sat, 23 Oct 2021 15:29:06 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 4EA2
67 B
718 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7042993&_fw_gdpr=1&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1281029%2C1%2C1556084971&vav=8ff16e223734c36d723f4e099b54435c&vaviv=69bcf9d2b96a51f4803c007487e85d01&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.0.2&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.manta.com%2Fc%2Fmx5m8pq%2Fmaid-vip&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.manta.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:06 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.manta.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1635002946172077-346
Expires
Sat, 23 Oct 2021 15:29:06 GMT
user-matching
ads.stickyadstv.com/ Frame 4EA2
0
0

user-matching
ads.stickyadstv.com/
43 B
394 B
Image
General
Full URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=1&_fw_gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:06 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1635002946206063-354
Expires
Sat, 23 Oct 2021 15:29:06 GMT
user-matching
ads.stickyadstv.com/ Frame 4EA2
0
0

user-matching
ads.stickyadstv.com/
43 B
394 B
Image
General
Full URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=1&_fw_gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Oct 2021 15:29:06 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1635002946205074-422
Expires
Sat, 23 Oct 2021 15:29:06 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2D68
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.manta.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=A06FAAE5-0E37-4E40-B89D-2B7A3A319946; chkChromeAb67Sec=1; DPSync3=1635033600%3A174%7C1636156800%3A197_219_201; SyncRTB3=1636156800%3A176_189_220_88_7_3_166_204_21_56_165_222_161_230_13_22_71_81_8_55_234_231_54_99%7C1637539200%3A203%7C1635552000%3A2_15_223%7C1635811200%3A63%7C1636243200%3A35; KRTBCOOKIE_80=22987-CAESEA3zfXNUsY2kEB-WS7zD8jQ&KRTB&16514-CAESEA3zfXNUsY2kEB-WS7zD8jQ&KRTB&23025-CAESEA3zfXNUsY2kEB-WS7zD8jQ; PUBMDCID=3; KRTBCOOKIE_409=22966-hUyaRREaeI5M6DMwqim7XshB; KRTBCOOKIE_153=19420-a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ&KRTB&22979-a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ; KRTBCOOKIE_1101=23040-7022284173346601113; KRTBCOOKIE_27=16735-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&16736-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&23019-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&23114-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90; KRTBCOOKIE_377=6810-27a44235-8757-4bf6-a2b4-5d98a0816fca&KRTB&22918-27a44235-8757-4bf6-a2b4-5d98a0816fca&KRTB&23031-27a44235-8757-4bf6-a2b4-5d98a0816fca; KRTBCOOKIE_336=5844-7584791455511712389; KRTBCOOKIE_391=22924-1750532214226875959&KRTB&23263-1750532214226875959; KRTBCOOKIE_57=22776-4428407269026717231; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_594=17107-RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003; SPugT=1635002943; KRTBCOOKIE_218=4056-YXQqQAALVwdiAgAT&KRTB&22978-YXQqQAALVwdiAgAT&KRTB&23194-YXQqQAALVwdiAgAT&KRTB&23209-YXQqQAALVwdiAgAT; KRTBCOOKIE_22=14911-2901899503653063483; PugT=1635002943; KRTBCOOKIE_466=16530-5daddd8f-0493-48f5-920e-daba1f783b92; pp=156307; _curtime=1635002944; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=118672
expires
Mon, 25 Oct 2021 00:26:58 GMT
date
Sat, 23 Oct 2021 15:29:06 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4A3A
38 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: www.manta.com
URL: https://www.manta.com/c/mx5m8pq/maid-vip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:06 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=118672
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Mon, 25 Oct 2021 00:26:58 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2D68
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57319552&p=156307&s=747876&a=3120364&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:05 GMT
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 4A3A
27 B
130 B
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&us_privacy=1---&cb=1635002946348&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.manta.com%252Fc%252Fmx5m8pq%252Fmaid-vip&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=700&vwndurl=https%253A%252F%252Fwww.manta.com%252Fc%252Fmx5m8pq%252Fmaid-vip&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-10-23%2015:29:6&ranreq=0.6515336555563078&timezone=0&depth=0&gdpr=1&gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156307&siteId=747876&adId=3120364&vadFmt=3&vapi=2&vminl=1&vmaxl=60&vh=393&vw=700&kadpageurl=https%3A%2F%2Fwww.manta.com&vfmt=1+3+5+6&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:06 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.manta.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 4A3A
0
0

track
aktrack.pubmatic.com/
0
61 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156307&s=747876&a=3120364&ts=1635002946&wa=0&e=96&ier=101%20%20&1635002946882
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.manta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:29:06 GMT
content-length
0
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDYxYTAwZDItOGFmMC02ZmZiLTUzMzAtMGM0MTRhNGI3YjI0
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156307&s=747876&a=3120364&wa=243&ts=1635002944&wc=16514&crId=217471000&ucrid=12042205325910973423&impid=52BA7BE9-795C-4639-A1DA-270EE51E6A98&advertiser_id=13471&ecpm=58.506979&er=982&pfi=1&ch=3&it=1&vadFmt=6&vapi=2&sURL=manta.com&vc=2
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?&fp=1&mpc=30&p=156307&gdpr=1&gdpr_consent=&pmc=1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fpmc%3D1%26partnerID%3D156307%26partnerUID%3D%28null%29
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=notify&exchange=pubmatic&creative_id=217471000&creative_type=78&usl_id=2581703567&errorcode=900&asseturi=[ASSETURI]&ord=[CACHEBUSTING]&offset=[CONTENTPLAYHEAD]&d=APEucNUrGd1XvudyyS08dil_oxW-VbIH7eAl3OeRAvIvQq5Wf-O0SG4i_Sj9ZuH_CdgKRUeWQ2yjmNKCuWUPaR6A2OCPum3mHA
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=1&_fw_gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=1&_fw_gdpr_consent=CPOiaZ5POiaZ5AXADAENByCgAAAAAH_AAAAAAAAQhAJMNS8gC7MscGTaNKoUQIwrCQqAUAFFAMLRFYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoKtjTCAMt8CKBR_RUYCNZogWBkJCwcxwBICXiyQAA.YAAAAAAAAAAA
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156307&s=747876&a=3120364&ts=1635002947&wa=0&e=95&vc=2

Verdicts & Comments Add Verdict or Comment

376 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| onbeforexrselect boolean| originAgentCluster object| tyche number| screenWidth string| sSz string| wsSz string| wSz object| gtmData object| gtmDataLayer function| gaTrack function| $ function| cash function| Cookies function| redaxios function| axios function| loadScript function| SimpleLightbox object| __PRELOADED_STATE__ object| cache function| logError object| gaTrackSS function| maTrack object| mantaTrack string| google_feedback string| google_max_num_ads string| google_ad_channel string| btype string| custSeg function| google_ad_request_done number| adsenseStartTime object| googletag object| _taboola number| googleNDT_ number| googleAltLoader object| google function| loadSearchBar function| createErrorMessage function| removeError object| adsbygoogle object| photosLB object| a0_0x433e function| a0_0x3d7e function| throttle function| throttled object| header object| navLinks number| sticky function| myFunction function| isVisible object| elements object| counts object| gamSlots number| loadedScript function| lazyLoadReviews function| trackReviews object| __CF$cv$params object| pageos object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR boolean| _pageViewSampling object| _pwLogger boolean| excludeMoat boolean| pwKruxEnabled string| _pwKassandraVer boolean| _pwUserInCA object| webpackJsonppageos object| __core-js_shared__ object| core object| PageOS object| ramp object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async object| google_tag_manager function| postscribe object| google_tag_manager_external string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga object| matches number| current string| piAId string| piCId string| piHostname function| hj object| _hjSettings function| __d3lUW8vwsKlB__ object| TRC object| _tblConsole undefined| msg object| _comscore function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState object| googlefc object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| udm_ object| ns_p object| COMSCORE object| gaplugins object| gaGlobal object| gaData function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| default_ContributorServingResponseClientJs object| __googlefc object| NzlkZjA1MzY1NDFiZDk4OWxvYWRlcl9qcw== string| NzlkZjA1MzY1NDFiZDk4OWNhY2hlZF9qcw== object| __fcInternalApiManager string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| google_optimize function| handleUrlbiOptOut string| urlbiOptedOut function| __tcfapi object| cnvr_launcher_options object| placementData object| _tfa object| google_llp object| Pixel object| conversant boolean| google_empty_script_included object| cmTag boolean| 478d02bb-bed6-4b22-ac1b-398ca5613524 object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ object| cmpConfig object| GoogleGcLKhOms object| _cm_wfCounters string| lastWfUrl function| setImmediate function| clearImmediate function| webpackHotUpdate function| startCMTagMain undefined| ct undefined| et undefined| hourElapsed undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_65827439 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi string| category function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property object| hashes function| _xamzrequire object| AWS function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist string| vpaidId function| OvaMediaPlayer object| google_image_requests object| webpackJsonpTyche object| Tyche object| consoleHandler object| kinesis object| __pwpbjs__ object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| ADAGIO object| pbjs object| __pwhbjs object| apstag function| piResponse object| regeneratorRuntime object| ats boolean| apstagLOADED

108 Cookies

Domain/Path Name / Value
www.manta.com/ Name: city
Value: j%3Anull
www.manta.com/ Name: state
Value: j%3Anull
www.manta.com/ Name: stateAbbrv
Value: j%3Anull
www.manta.com/ Name: lat
Value: 34.773193
www.manta.com/ Name: lon
Value: 113.721985
www.manta.com/ Name: ipContinent
Value: AS
www.manta.com/ Name: country
Value: China
www.manta.com/ Name: ipCountry
Value: CN
www.manta.com/ Name: refer_id
Value: 0000
www.manta.com/ Name: sess_refer
Value: 1
www.manta.com/ Name: cust_id
Value: 8963f1fc-452f-4f65-89e1-2bf29c02d973
.manta.com/ Name: pageDepth
Value: 1
.manta.com/ Name: adImps
Value: 1
.manta.com/ Name: randNum
Value: 43
.scorecardresearch.com/ Name: UID
Value: 1N5K4FEZZDTD8R0QBAKCQLg1635002942
.manta.com/ Name: _ga
Value: GA1.2.1392064569.1635002942
.manta.com/ Name: _gid
Value: GA1.2.1708298876.1635002942
.manta.com/ Name: __cf_bm
Value: gRSPF5K32f.26n8PrNL4q1HTkx1EiTW4splxkXsoT08-1635002942-0-ARmpDSM2C3exc/8XGG/SK9vr07oJRGWVjnqajrTPbDvjYeNOI2cGOFB1zlYbH1gJkMKwO+TE9YZg61JCluXj/1+KodKXGRWUC+OH7Qr3Wxmqeohgk783Qn7/f4O4QKJrbvnz8yBJHlWzzZsrmityfKk=
.manta.com/ Name: _hjid
Value: e9b02cc6-e6f6-4958-94c1-91f76a8299e3
.manta.com/ Name: _hjFirstSeen
Value: 1
.manta.com/ Name: __gads
Value: ID=18aa4104cbbbb9e9-22ddf571feca008b:T=1635002942:RT=1635002942:S=ALNI_Mb_c8iNmSsL5m21iquWo4sfvdF3MA
www.manta.com/ Name: _hjIncludedInSessionSample
Value: 1
.manta.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.manta.com/ Name: _dc_gtm_UA-10299948-11
Value: 1
.manta.com/ Name: _gat_UA-10299948-11
Value: 1
urlbi.com/ Name: sid
Value: f34844c1-3415-11ec-96f1-2d0ea72b1290
www.manta.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D5d876040-94b1-49db-979b-5f9826d7c162-tuct86dafbe
.doubleclick.net/ Name: IDE
Value: AHWqTUnFSk_mO_a-kxYI99YFTiI29_TDfUEKfnyLuizpiJ75ctaKdi85Z7zjriNjHww
.manta.com/ Name: FCNEC
Value: [["AKsRol_0xYZeFDIgPeMKKIKqRn9Z2SdVIMk6wr98HLzbDY5x4iMw_1OpBnpRQrQJzHZhSqEG799b_xXT20N3CSeCZ1HTdJgs6ou-N8XE8XKLEQtRUcB0ljk_bZvqBmXe-ql_UePu6pFxo4L--f3NmTK3AE8UTSwAWw=="]]
.manta.com/ Name: FCCDCF
Value: [null,null,["[[],[],[],[],null,null,true]",1635002943014]]
.manta.com/ Name: cmp-data
Value: . . be98cb7b-ae89-4554-98cb-61c25ad81307
.spotxchange.com/ Name: audience
Value: f3f4ab02-3415-11ec-b974-169e7f670306
.taboola.com/ Name: t_gid
Value: 1c481b1d-912c-4f37-a46c-f7f39673d806-tuct86dafbf
www.manta.com/ Name: usprivacy
Value: 1---
.openx.net/ Name: i
Value: f9d9ec41-ea00-0ea8-1c06-9e10e48e86b9|1635002943
.openx.net/ Name: v
Value: 1
.openx.net/ Name: pd
Value: v2|1635002943|vN
ads.stickyadstv.com/ Name: UID
Value: fec662fde6fed719833f3ef786959e20
ads.stickyadstv.com/ Name: sessionId
Value: 10ab36917cfb3f1e71948c41a9cdf28
.pardot.com/ Name: visitor_id714133
Value: 591016327
.pardot.com/ Name: visitor_id714133-hash
Value: e74428d1735ab9b91fe743d9790241de14ebe60706aa5a352b9f842f4897396fc3d89944880a20b449383f2149ce3e9f39ba37dd
pi.pardot.com/ Name: lpv714133
Value: aHR0cHM6Ly93d3cubWFudGEuY29tL2MvbXg1bThwcS9tYWlkLXZpcA%3D%3D
.casalemedia.com/ Name: CMID
Value: YXQqPw-rXgE1j0e5Y7pouQAA
.casalemedia.com/ Name: CMPS
Value: 3176
.casalemedia.com/ Name: CMPRO
Value: 1171
.casalemedia.com/ Name: CMST
Value: YXQqQGF0KkAA
www.manta.com/ Name: visitor_id714133
Value: 591016327
www.manta.com/ Name: visitor_id714133-hash
Value: e74428d1735ab9b91fe743d9790241de14ebe60706aa5a352b9f842f4897396fc3d89944880a20b449383f2149ce3e9f39ba37dd
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A06FAAE5-0E37-4E40-B89D-2B7A3A319946
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1635033600%3A174%7C1636156800%3A197_219_201
.pubmatic.com/ Name: SyncRTB3
Value: 1636156800%3A176_189_220_88_7_3_166_204_21_56_165_222_161_230_13_22_71_81_8_55_234_231_54_99%7C1637539200%3A203%7C1635552000%3A2_15_223%7C1635811200%3A63%7C1636243200%3A35
.bidswitch.net/ Name: tuuid
Value: 5daddd8f-0493-48f5-920e-daba1f783b92
.bidswitch.net/ Name: c
Value: 1635002944
.bidswitch.net/ Name: tuuid_lu
Value: 1635002944
.adsrvr.org/ Name: TDID
Value: 27a44235-8757-4bf6-a2b4-5d98a0816fca
.adfarm1.adition.com/ Name: UserID1
Value: 7022284173346601113
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EKIBCwHGJPijAA
.quantserve.com/ Name: mc
Value: 61742a40-23813-53fc3-99356
.simpli.fi/ Name: suid
Value: 6944E7FBA5134CCE8D544F457B19554A
.erne.co/ Name: u
Value: hUyaRREaeI5M6DMwqim7XshB
.mathtag.com/ Name: uuid
Value: cdf66174-2a3f-4800-8513-6751dc0b4f90
.de17a.com/ Name: guid2
Value: 1.7584791455511712389
.adform.net/ Name: uid
Value: 1750532214226875959
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwig6_m7kpGLOhAFOAFaC2FkY29uZHVjdG9yYAI.
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003%22%7D
.adnxs.com/ Name: uuid2
Value: 4428407269026717231
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEA3zfXNUsY2kEB-WS7zD8jQ&KRTB&16514-CAESEA3zfXNUsY2kEB-WS7zD8jQ&KRTB&23025-CAESEA3zfXNUsY2kEB-WS7zD8jQ
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-hUyaRREaeI5M6DMwqim7XshB
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~214f
.yahoo.com/ Name: A3
Value: d=AQABBEAqdGECEHna9GoFkJlB152fMnMXvtYFEgEBAQF7dWF-YQAAAAAA_eMAAA&S=AQAAAnF5AniTjCb1B6sbn6cl8YY
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ&KRTB&22979-a4qeIW_anSVwiZotbIiEIG7dyiZwgpAmaI39pSeQ
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7022284173346601113
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&16736-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&23019-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90&KRTB&23114-uid:cdf66174-2a3f-4800-8513-6751dc0b4f90
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-27a44235-8757-4bf6-a2b4-5d98a0816fca&KRTB&22918-27a44235-8757-4bf6-a2b4-5d98a0816fca&KRTB&23031-27a44235-8757-4bf6-a2b4-5d98a0816fca
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7584791455511712389
www.manta.com/ Name: _lr_geo_location
Value: DE
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1750532214226875959&KRTB&23263-1750532214226875959
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003%22%7D
.casalemedia.com/ Name: CMRUM3
Value: e661742a402760&2e61742a4005a0&4061742a4005a0&f161742a4005a0&da61742a402760&bf61742a4005a0&2d61742a402760CAESEFz3kGJfHBTKyPBTUx2zS90&2761742a400b40
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4428407269026717231
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-369473c1-8946-44ee-9d2a-b53abf4fcb89-003
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YXQqQAALVwdiAgAT
.pubmatic.com/ Name: SPugT
Value: 1635002943
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YXQqQAALVwdiAgAT&KRTB&22978-YXQqQAALVwdiAgAT&KRTB&23194-YXQqQAALVwdiAgAT&KRTB&23209-YXQqQAALVwdiAgAT
ads.playground.xyz/ Name: connect.sid
Value: s%3AT41YKJgR0AzUR_sXHHQcWLl-o06KCnZr.JGRIzeQec2CI%2B9c6EXCr03E8YaCdnbyg3yNTR2Q9p1o
.adsby.bidtheatre.com/ Name: __kuid
Value: fb4e7658-b58d-4c13-a0f5-e47dcf770467.404216944
.bidr.io/ Name: bito
Value: AADtRk7C6FUAABuIrlOQfg
.bidr.io/ Name: bitoIsSecure
Value: ok
.onaudience.com/ Name: cookie
Value: c4b8189240f25f6d
.onaudience.com/ Name: done_redirects161
Value: 1
ads.stickyadstv.com/ Name: pxId
Value: 1425
.turn.com/ Name: uid
Value: 2901899503653063483
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2901899503653063483
.pubmatic.com/ Name: PugT
Value: 1635002943
.tribalfusion.com/ Name: ANON_ID
Value: a8nseFw5EGjAaINQeEsGxhZboMkSGWZaf7dmZacjcYtSsLW12RZdZbaqpaHAXpFWVZaZdKRCIJX3CNoPsPLU0j8Mjnu
event.clientgear.com/ Name: mkuuid
Value: mk14f67ea4-b73b-459c-be49-689f91cfe8b0
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-5daddd8f-0493-48f5-920e-daba1f783b92
.exelator.com/ Name: EE
Value: "faaccf1900b60b715a06089827112244"
go2.manta.com/ Name: visitor_id714133
Value: 591016327
go2.manta.com/ Name: visitor_id714133-hash
Value: e74428d1735ab9b91fe743d9790241de14ebe60706aa5a352b9f842f4897396fc3d89944880a20b449383f2149ce3e9f39ba37dd
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSEtMTE5Oc3Q0sAgycwgydzQNNHAzMDC0sLI3NDQyMjEZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJySX5RZvoiF9fFRSlpDItKik8F7wt7DABWQynA"
.pubmatic.com/ Name: pp
Value: 156307
.pubmatic.com/ Name: _curtime
Value: 1635002944
.pubmatic.com/ Name: PMDTSHR
Value: cat:

4 Console Messages

Source Level URL
Text
javascript error URL: https://www.manta.com/c/mx5m8pq/maid-vip
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDYxYTAwZDItOGFmMC02ZmZiLTUzMzAtMGM0MTRhNGI3YjI0' (redirected from 'https://taboola-d.openx.net/v/1.0/av?auid=543846817&gdpr=1&us_privacy=1---') from origin 'https://www.manta.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDYxYTAwZDItOGFmMC02ZmZiLTUzMzAtMGM0MTRhNGI3YjI0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.tribalfusion.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api.btloader.com
api.conversant.mgr.consensu.org
ats.rlcdn.com
bid.g.doubleclick.net
btloader.com
c.amazon-adsystem.com
c1.adform.net
cc3.manta-r3.com
cdn.conversant.mgr.consensu.org
cdn.intergi.com
cdn.intergient.com
cdn.stickyadstv.com
cdn.taboola.com
cds.taboola.com
cm.adgrx.com
cm.g.doubleclick.net
config.playwire.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
go2.manta.com
googleads.g.doubleclick.net
green.erne.co
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.manta-r3.com
imprammp.taboola.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mb.moatads.com
pagead2.googlesyndication.com
partner.googleadservices.com
pi.pardot.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
sb.scorecardresearch.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.hotjar.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
taboola-d.openx.net
taboola-supply-partners.tremorhub.com
tag.crsspxl.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
urlbi.com
vars.hotjar.com
vid.pubmatic.com
vidstat.taboola.com
vpaid.pubmatic.com
wf.taboola.com
widget.consent.urlbi.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.manta.com
x.bidswitch.net
z.moatads.com
ads.stickyadstv.com
aktrack.pubmatic.com
cm.g.doubleclick.net
csync.loopme.me
dmp.brand-display.com
image8.pubmatic.com
pagead2.googlesyndication.com
104.109.78.125
104.111.219.144
104.111.247.126
13.32.121.17
130.211.23.194
141.226.224.32
141.226.228.48
142.250.184.198
142.250.185.226
151.101.2.49
151.101.65.44
159.253.128.188
159.65.196.12
159.65.233.166
169.197.150.7
172.217.23.98
178.250.2.151
18.196.176.125
18.66.112.30
18.66.112.81
18.66.122.59
18.66.97.37
185.29.132.245
185.33.220.241
185.33.221.11
185.64.189.110
185.64.190.75
185.94.180.126
188.165.137.78
198.47.127.19
198.47.127.20
2.18.233.180
2.18.234.21
2.18.234.233
2.18.235.40
2.19.35.65
2001:4de0:ac19::1:b:1b
2001:678:cb4:bbbb::11
209.54.178.82
213.155.156.185
213.19.147.45
2600:1f18:612b:4200:787a:99c3:22c2:11ca
2600:9000:223c:fc00:1a:1459:5cc0:93a1
2600:9000:223d:d000:14:2602:6e80:93a1
2600:9000:2250:3000:12:4abd:d340:93a1
2606:4700:20::681a:ad1
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700::6812:d05
2606:4700::6813:d184
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9b
2a02:fa8:8806:12::1370
2a02:fa8:8806:20::2100
2a05:d018:d29:3601:c383:8b40:dc7f:a016
3.126.56.137
34.224.118.226
34.232.140.51
34.246.74.180
34.254.143.3
34.98.107.212
34.98.64.218
37.157.3.30
47.252.78.131
51.222.80.231
52.202.69.186
52.222.210.175
52.222.214.38
52.222.214.88
52.222.236.74
52.30.222.33
52.48.175.241
54.171.219.200
64.233.167.156
66.155.71.25
69.173.144.139
72.251.241.204
76.223.111.131
85.114.159.93
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0758efdde70970ea59c907219d1b40bc451cea8f930527169aaf79a189a7821a
07eda221e8d68c2c271c55f81b565c3f59a2de7d9bbae6c4f58ba4c2aab9f73d
08fa76d3f76d7b497d34c95506bb22ba7d43bce73c58db0ed7197a0ccc7a4969
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
134c91956455eb241d286787dda06c5fd8bcdcba4af2b2074afb40c70d15e043
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
1448e502c7901edccb5c43a138ab4606140dd74bfc316aac6b3db043793e5f03
152fdbc070919d427dd79b02fe9a72fcfeede053ec38c2f882cc1b78420bcc56
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ab47c16e74165d0f7b0886a700859f12ad1131a94f1574338750df949fcf1db
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1e6f4c795337ff4e514d972bcb14e6f717fe96857630799ab895c45d330c67c8
225a5d44793400c62040e70a55fc77beed0a3cbc0d7ac361abbf4085392b1e20
241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556
267d1daed09d9ecec5f1e21bb6fe93e6eb9b65a051b7c07e966dfcda10f9e812
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2b4a1d90593b73f5c051acbdbee4622a97477f3459cb4b68155091500d4067a2
2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31d1799663bbb6029214d90ba7db9cdc725fa02c16d4b090add3721e44238b6b
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
342ed94296f56cde0d3b4739acb64a7636c3771146d1a3401e76e14ad569606a
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a623f9daecf93d059eeca5c509c612c5a761b9f9eca686102a24ef4d95dd5e4
3c875f6a7bff9518cf1bc31419712e409d77bc83963de338fb0b0a2da2d5fda7
3d2e673f2dfea57534b1541982bab04367f441a606b94b419e2f2355d816af16
3e224775a1985db7a8db74d2b3aabe370f2664f4c0ee129b44dc0f0294d5996f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
409faf37a965d3faf98b9b35c2281942c60935ac31f6aeae24557a75e8c6c021
411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
473f9af2c2b3673ff53946714c6fa377298cdfd1b440b76f672d54c47653b9ef
476d868bbbd6c429d1a1f05761d74846076e34785a654e882d4dd455ebbf5ad0
48730b0b9f0732c79ead71c8b1ae1586187efd5104460862a9bda97051aeb2fc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef3a14bc374f282ed743bdfdbecb8744ea21e39d3a32b16f9fdc663678e9847
4f08c7f05ddb50a10e8a25fcc3dcbb424f615f6533529c71b9e6fd6d687b6397
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1
5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b
53fdf5195ba5d75d4d857cd96fa8ffd619a9e6b8f24a5761646cc1863459c056
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5516b2176a6921e3f8d1cc48f9acdb1c0c602f5c9505fbd2d3472015e2fb9b4d
56085db0fc84b660a577ec1ad659dd2708c0ab37edb3ef6b514c9a93c4c92ee5
577cb73ab9df232d41ffdeeea1d715f5090b9ceb41e77a8ae698d1d9d3f7d099
57e10b88fa4f87e1d34975f93d17ad63362f4743ceb75d384c4fdecd2e98e6be
5a5976913f413e4a5bc7d39c78bc93533dbab35fa45e0b7cc37474fec4ba6750
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5eef1afbaca29ad0295ebadbe75430e7ee6ddf76b14ff7c649f9d9de4582703e
5fbf9c7a46ce00882e1ac7b069a56d060431343e32a8e7f437ff408a410abe80
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
636713c0d4608b0950f3c670ff7168a399b1e8f70b77a12f2a77404c354ac0b8
638d1d080d0084a936151c9ce86a699f7f94cbb4e9eaa48c90fcd71a7d6dcc80
63de30a657bccde3628bdb506e684eddcff3e21a0969d89b07c1230c3629019e
64c17babe83d6710b7bf2f3d4eb3ea8c7b77e62f41c5ec924eae4d3a1e482323
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
66292d1f2876ac355465cd5ca1562a9b1dc18c2cf0c498c7d5862ab0f22e5d6b
6772e8917ee4fb1d8130c2c1ba4fc3105a6b24e2b240d6d71f2fde2a46d63358
694b274340e5cf46cedc7cc5b46277659923a66176203a04820944f70b63f569
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
6dbfba471ede6d5d286947ae471abb02656ff5cc5f69374dd133ed2ba11e86c3
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
6fe158617fb4867d1db2bd9d476d18f533f3bc188b5710b07c4a3caee716422b
71342d6fc47aa0b073257a850b658e9e8174b70c9743c30e7bec0d9842b697f1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7b517a25ccec5e4ae5dc0a0bd07c0f67bd61e713e2d7a2634d425278d5ce5e3e
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fc3ffcdb32a53647771d7c339575f3c233a686fb14a1a89b43896b72060df9c
7fdd4e727b0b684b86cc7dab5cf0b35014c7da5c7b08e6270656fc6d49e8442c
7fe0088dbc656896706b36a64b5376056ed8648fa64af237d06ffa398b9bd17c
809cdf7527a10f43477aa400ade06858914cfcc1a7cd306e955c4666923bf290
80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c
814047fd4d5976f0aba21596965b6675fb5033c3a13f43b5e7b355ae7ef8634d
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8334e5eb7851550868428f192dd7d9f10d7b513381d8bb3f5606774bc78c3976
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fc9ad22fe7eec4d501eb48a2774e3fe1ab49a03d362f097bdf28d73f396b7cc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41
9575bd5c05aa210be7be6664a949d42870f078f3108b290fc5c8182a53c64ebb
9943b8f4183b5d1af6c61041137373b4de761f7ba52fe4ec310d7d576bf3f59f
9abbef161f3a1fe62dc5e5fa181a6a5ac94e6a74a329481c4dd69ffb41223265
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a772352d1dc25e936652a140975775186ee84c7f09430cdb626c23dcca30ec1c
a788806a2fdba620e0f2823fedfd68e164bace859201a9d48d1f98c7f1be9b3c
a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2a52a39cacddfd3fab5a06fe9c7c154bd96eba14e3676b12da94cc06e18109
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
abad0dc7ace01ebc13b812b39ec47f2adfb1d23a7a1fa2724c9d6d2a3bc4042f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e473e9f464a7c089378dfe161d379c46654dff3cae46151bef9286a0d0c33b
b6164723a07c8b6156b5e095faa3622ba23890444bc69d9a662c47def3028d93
bdcc13c2a0fb02a595f26d25d6ac5057719ce7050ecf985585102390e6fc06d3
bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0
c0d6f7e971f7deded9b3c123d9d51fdc973e6729ea8709ea59298740f99c19c3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c261d9470a2c7349520df8060808d49a76443415a971f3ef092ea7e6edbc275f
c32c59ee0d9771fe7a5437b58d55c11743b4bd480788279fa9ce2397c8d7ec2e
c4132d58313fd8393ef5f1d7c0ae6800bb7e85b92db7e13d560e0a09104998f4
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c9bc4a6c57b54aa300e3183531e47724caa51058639bd2143b100487b82113f4
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cdbaeedebe9b302de679c353f13864675d065cf77110db1bdc6bc1956f07dce1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16f6f0436e8fdfa3eaa4b572edfe42ac61a514c99a38e502d917ec210982f25
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d473780efdb44c40fbb286ba919f3c1df180c4e3ac2e738f8f017f1cc2ac03b8
d58e5173aa77594781fbbd9ea267e60cb224b9ed9bf780ee7fbb74af19bc5e5d
d6dc97993d7e4803aeb35d0e9a24f0393eceb43de5f7ff0f0e437f1b05aea4e2
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7b23eac1123714955459e5013c16a2cd1bcc7357102c034dfa5dc14f309b427
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56
d88a8bbdba9c7216c9b5176776f6658ffa6cc7adce6922dee216035666102988
d92a3e14a3a532db3a1f281339226bab8fc36097e073bc71eb1b125c2c8e00a4
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
da4c70755f82ff615c0fd3cad94bf62b19a9d5c25ab87268097eaa9609098bec
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7b10eaab1f3ee093d20cc0c5d8c60dfe788b58ac8a4a8ddfe534be975df598
e0ffd733e8a745676c04d635bc1f36e84bc809cd79113c5001723527597ec04c
e1bf61767f004ffbb15dc6d2c3d55c404319e5d44af85526eb4c235cb163cce6
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6843ebbc25aab2ea0a89c3941516fe680ef1c8e24f0cc679cfded40613fac3d
e6d004938dc320652e4c593be28240d0856d52b53b90e40389cccbbcf91199de
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65
e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5
eb30131f8b58afc90a1820a11fd1b19e00f5eadad822e181f578838091715bce
ebc9499a1fa1277f95c8184e0fbd2260f08cdd5a45e190d93e9f1de44cc2d35a
ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10
eee86b8fc9dd05c7408673bc9f2bc1fafc2672540fc80a693b0e68847baac113
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0efbed475c7b3469628fad118e3ff3fc9975f0f57e389a54d900fc85074e0f5
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc
f64fbb25301a7fa953e2c6845f40a756f710bc450fe77e21040810b3f2da5349
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7dfb3d6775182565f635f17c15c75e8bf6c78eaa8f41b0c33586a299e9e5b66
f837e34ead3df38437a99751739937715d9e7af680fd3c15f348227649bedb61
f8b9f22732f3d2c49ca10f6325c06ff383f93cd21d05f8b131cc3a90d522a0c7
f9a71b81af22b4823fda97cdc3d5a5f8f209ff5acb6c6f590a958fc5e7c484da
fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fc55cc5adddeec6d4d82b6b21a3955dfeef5904dae74b6c5f16403c8161625b4
fe02472d15671bc8664db460a411a4e86bd7402a7c8e9874469a4904ada521f2
ff2ae2a84ccfd71438656ac8b21a976c4aaf3668c1b6dde8cf4d142e6390e9f2
ff4591551bd8cc5fab95929ff80970339e10f94a0a0fed84f46414b52684f726