boxofficeindia.com Open in urlscan Pro
2606:4700:3034::6815:8ef Public Scan

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:52 GMT
AN-X-Request-Uuid: b5084394-21b4-4d7a-a510-2f7d218c1945
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://boxofficeindia.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 91ms
34ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://boxofficeindia.com
date: Fri, 20 Jan 2023 13:13:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
567 B 137ms
100ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=867498
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b97f3f24a117c6ab4f2c0a06f928fd6eb414283d2df91e083d14963d0cdcd44

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Vlc2boC4Q1qRzlpNBFYtjqchN1%2F3Jjsc3J38ybUUrfzENXKFgWkFl0INgqsWTswqThwUDBD%2FYyJFkZMELZi6oERiBmd0Hz%2BNAFdZydfYVzOhnVZ8KFlaIj1z4vkteO1wuZFYO12"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 78c811e73f679b8e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 400
Bad Request header-bidding-request Show response
mweb-hb.presage.io/api/ 0
498 B 101ms
83ms XHR
application/json 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mweb-hb.presage.io/api/header-bidding-request
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-24.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 20 Jan 2023 13:13:52 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Error from cloudfront
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: https://boxofficeindia.com
Content-Type: application/json
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: 23B-8WdnKZ4wC40xjiTx2NBq1I1_pwp5awt3WtyGWC766-ZneDee-w==

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 128ms
25ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:52 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 129ms
25ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:52 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 383 B
945 B 184ms
123ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=454140&zone_id=2660452&size_id=2&alt_size_ids=55&rp_schain=1.0,1!anymanager.io,7648,1,,,&rf=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.pbadslot=%2F21622890900%2C1067277%2FSG_boxofficeindia.com_res_article_top2_970x90%2F%2F728x90%2F%2F300x250%2F%2F336x280&tk_flint=pbjs_lite_v7.26.0&x_source.tid=02ccfe04-cf81-47a6-8dbd-83801498e98e&l_pb_bid_id=18962cbdcd0248b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21622890900%2C1067277%2FSG_boxofficeindia.com_res_article_top2_970x90%2F%2F728x90%2F%2F300x250%2F%2F336x280&slots=1&rand=0.7963040932672787
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b81225be3716928f25296903902946e62f8ff79885bcb604cafd76d303426c1e

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:52 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://boxofficeindia.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 383
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 72 B
379 B 80ms
32ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fboxofficeindia.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=02ccfe04-cf81-47a6-8dbd-83801498e98e&nocache=1674220432487&schain=1.0%2C1!anymanager.io%2C7648%2C1%2C%2C%2C&aus=728x90%2C970x90&divids=ats-insert_ads-4&aucs=%252F21622890900%252C1067277%252FSG_boxofficeindia.com_res_article_top2_970x90%252F%252F728x90%252F%252F300x250%252F%252F336x280&auid=558423368
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 1ddf596b2efe8036dfce82f1bb2fb582576c7d591ebd96f192b3d57cebd20abb

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:52 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://boxofficeindia.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 load-cookies.html Show response
b2cdn.automatad.com/geo/amp_user_sync/ Frame 1FEA 7 KB
4 KB 14ms
12ms Document
text/html 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/geo/amp_user_sync/load-cookies.html
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/DMC6nI/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: c6871b85c46dbe6768b62845b6f6bfc1bb02351cd074732f7ded5bfceaedd458

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=43200
cdn-cache: HIT
cdn-cachedat: 01/17/2023 14:37:30
cdn-edgestorageid: 1075
cdn-proxyver: 1.03
cdn-pullzone: 87832
cdn-requestcountrycode: DE
cdn-requestid: a9fd581fccb6314a7571d752c80f2033
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 13:13:52 GMT
last-modified: Wed, 03 Aug 2022 08:28:20 GMT
server: BunnyCDN-DE1-1079
vary: Accept-Encoding
x-iplb-instance: 28795
x-iplb-request-id: B95D01F6:A315_8E2CE366:01BB_63C6B2A7_32563FD4:D798
x-object-meta-mtime: 1659515253.288520914
x-openstack-request-id: tx5edf2b0f8ecf44f4ba276-0063c6b2a7
x-timestamp: 1659515299.75866
x-trans-id: tx5edf2b0f8ecf44f4ba276-0063c6b2a7

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 179 KB
45 KB 92ms
7ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/DMC6nI/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 12:41:17 GMT
content-encoding: gzip
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 20:39:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 1956
etag: W/"09722bdf068e1f62e3d9a9e39a8dde87"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: pHe8aOEkx3ubC6EHoEuZUa2rVj8NUxX1ClisNFTdq0814qddkdWcng==

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 88ms
12ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://boxofficeindia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://boxofficeindia.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 20 Jan 2023 13:13:52 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 86ms
12ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://boxofficeindia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://boxofficeindia.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 20 Jan 2023 13:13:52 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 87ms
12ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://boxofficeindia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://boxofficeindia.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 20 Jan 2023 13:13:52 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 85ms
11ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://boxofficeindia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://boxofficeindia.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 20 Jan 2023 13:13:52 GMT
server: ATS/9.1.10.25

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 121ms
104ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 140c4caabbb682a4d33b6e4d42fe59e0a5077d31aedad689215897062b507c41

Request headers

Referer: https://boxofficeindia.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Jan 2023 13:13:52 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://boxofficeindia.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
299 B 120ms
103ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e73a1af1c091830deb1df0c4aab85db454ee94f2e67cca5aa6513ff250d1d7dd

Request headers

Referer: https://boxofficeindia.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Jan 2023 13:13:52 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://boxofficeindia.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 133ms
117ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 361c8f7ad3473898b378798c039baa8263761f07daccf07157a29ee8638925a5

Request headers

Referer: https://boxofficeindia.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Jan 2023 13:13:52 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://boxofficeindia.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 125ms
107ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e35a5b4dd4f58c4ca3315f57ffa400c31e0d51c952abe18c76801119b8867cdf

Request headers

Referer: https://boxofficeindia.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Jan 2023 13:13:52 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://boxofficeindia.com
access-control-allow-credentials: true
content-length: 66

POST v1
dmx.districtm.io/b/ 0
0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
405 B 634ms
141ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.28.0
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 3cfd8e20f06c29207cebaed6d124faf79ccaecbbcb3efe8854ce9674324dc3c1

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:53 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://boxofficeindia.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 adreq Show response
ads.servenobid.com/ 1 KB
830 B 333ms
246ms XHR
application/json 63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=3658
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d333db3cd48364bdd4549af60ef07228cffe568b8cf7cdcd101627eda281aac3

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:52 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://boxofficeindia.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
863 B 23ms
23ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:52 GMT
AN-X-Request-Uuid: 1db6de18-a3d3-4bca-842b-922e9bccb3b9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://boxofficeindia.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
automatad-d.openx.net/w/1.0/ 73 B
148 B 58ms
23ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://automatad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fboxofficeindia.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=94c248ff-0245-49c3-b4fc-dc10ba89fb0f%2C23f6ab41-f704-4761-8df1-37ef90b8e196%2C87abcd8a-5498-4f06-bf42-f7163dd61730%2C5797abe2-1c57-44aa-9024-74989ea5318f&nocache=1674220432591&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&aus=160x600%7C160x600%7C300x250%7C300x250&divids=fi-ash-1666181839-3321%2Cfi-ash-1666181847-6201%2CATD_BOI-D-hp-300x250-btf%2CATD_BOI-D-hp-300x250-INR&aucs=%2C%2C%2C&auid=540244493%2C540244493%2C540244493%2C540244493
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6cdffed21aa5b5629f8045b50b2a86aaca223e8f977ad0a1349f590d6c53a268

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:52 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://boxofficeindia.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
516 B 649ms
160ms XHR
text/plain 198.148.27.133
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.148.27.133 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
server: envoy
cwdl: 22/4211,22/4211,22/4211,22/4211
access-control-allow-origin: https://boxofficeindia.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 71
cw-server: bid-deployment-cffcb4799-njjdr

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 478 B
2 KB 140ms
116ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

a104-111-216-120.deploy.static.akamaitechnologies.com

Software

nginx/1.21.3 /

Resource Hash

e42c1cf79a331944bb268ce2163bc35cdc3ba0b3366f56be239a37580f7520fe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:52 GMT
AN-X-Request-Uuid: 00ef4b7a-d75f-4cd6-9cd3-ebf1c0064ca0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://boxofficeindia.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 478
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 367 B
798 B 525ms
62ms XHR
application/json 54.154.84.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1674220432594&to=0&aun=fi-ash-1666181839-3321&maxw=160&maxh=600&si=15914&pi=3&bf=160x600&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fboxofficeindia.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.28.0%22%7D&ogu=null&ns=10240
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.84.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-84-112.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bc74162332a03f883ea4e11b294f38b2529994ee5f64c04287a23858faaf64e1

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 367 B
801 B 519ms
61ms XHR
application/json 54.154.84.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1674220432604&to=0&aun=fi-ash-1666181847-6201&maxw=160&maxh=600&si=15914&pi=3&bf=160x600&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fboxofficeindia.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.28.0%22%7D&ogu=null&ns=10240
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.84.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-84-112.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5cc5ebda4e65b5ab525c7f9e27ab26aacdbe5d05ae6157dfeb601c56d426277b

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 367 B
800 B 523ms
66ms XHR
application/json 54.154.84.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1674220432614&to=0&aun=ATD_BOI-D-hp-300x250-btf&maxw=300&maxh=250&si=15911&pi=3&bf=300x250&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fboxofficeindia.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.28.0%22%7D&ogu=null&ns=10240
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.84.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-84-112.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e7aaac78f90c69b2b617977a3eacb4b1a13ad92326e039969b210ed07e06d72f

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 367 B
798 B 525ms
68ms XHR
application/json 54.154.84.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1674220432617&to=0&aun=ATD_BOI-D-hp-300x250-INR&maxw=300&maxh=250&si=15911&pi=3&bf=300x250&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fboxofficeindia.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.28.0%22%7D&ogu=null&ns=10240
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.84.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-84-112.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f6bdef806d0cfedbe93adae9e7d1a0668cc81d34cba06d56a18d0fffa4d8dfa4

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
259 B 213ms
193ms XHR
application/json 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fboxofficeindia.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 20 Jan 2023 13:13:52 GMT
surrogate-key: sFbt=https://boxofficeindia.com/
last-modified: Fri, 20 Jan 2023 12:00:00 GMT
server: nginx/1.15.8
content-type: application/json
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 37 B
288 B 277ms
257ms Script
application/json 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fboxofficeindia.com%2F&callback=_ate.cbs.rcb_jidb0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-120.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

59d1c165512f04f2936b69a22fa6da1c8a326c0be7574ad2bc63907b499a30a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: boxofficeindia.com/
last-modified: Fri, 20 Jan 2023 13:13:52 GMT
server: nginx/1.15.8
date: Fri, 20 Jan 2023 13:13:52 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 57

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 37 B
288 B 257ms
239ms Script
application/json 104.111.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fboxofficeindia.com%2F&callback=_ate.cbs.rcb_290q0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-120.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

98c082d3fc6e4e92c8127aae43b1db66087ce9e76fb8d1f6611123959fdce84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: boxofficeindia.com/
last-modified: Fri, 20 Jan 2023 13:13:52 GMT
server: nginx/1.15.8
date: Fri, 20 Jan 2023 13:13:52 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 57

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 444ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 2b4ea37ec31f94cc477c23b52eb3602b05b321f6e629109cd138aac2fa081eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:53 GMT
Content-Encoding: gzip
Age: 589
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 29165
Last-Modified: Sat, 14 Jan 2023 01:47:45 GMT
Server: ECS (frb/67AA)
Etag: "1f7a9d98d378a9b1ef4dcec793a1c434+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 436ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0d0ea0066cb3f52898b2c1243d72dc3385619fb23ee65e414c8867b92fd055a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 13:13:53 GMT
content-md5: +1zkY4yfXKHTWJ4Iyq5zpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: HjDYNq/BWaM4xUe5tN2OQRiCCKGIrNZT60Mxnphb3EvMaN6iZn9Q2sRYpc/vMEpDbKMktWONraQWY3EGKA4U8A==
x-fb-trip-id: 1679558926
x-fb-content-md5: e78d9932b1bc54b70c0cae74769de781
cross-origin-opener-policy: same-origin-allow-popups
etag: "2c7b5db903350aa42de7124af488c34a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Fri, 20 Jan 2023 13:23:21 GMT

POST
H2 200 cookie_sync Show response
us-east-pbs.automatad.com/ Frame 1FEA 3 KB
3 KB 508ms
98ms XHR
application/json 143.244.214.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-east-pbs.automatad.com/cookie_sync

Requested by

Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/geo/amp_user_sync/load-cookies.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.214.118 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

6d8dc8558384ffe6f1a6bd1a33796054007902be5f574a5b813bbc03f62262ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://b2cdn.automatad.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://b2cdn.automatad.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 432ms
54ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 432ms
55ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
495 B 98ms
98ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1312335167255230&correlator=401630764811599&eid=44761477&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=229445249%2CDWTag-DFPNew_RS75_Boxofficeindia_Banner_728x90_200919%2CBoxofficeindia_RS75_DWV_092019%2CDFPNew_RS75_BoxOfficeIndia_Banner_300x600_021219_Desktop%2CBoxofficeindia_DWV_061119&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C300x250%2C300x600%2C300x250&ifi=1&adks=1279179817%2C1790810919%2C927884958%2C3055373699&didk=2732045269~1474820573~3951247780~1978044105&sfv=1-0-40&eri=1&cust_params=url%3D%252F%26ref%3Dnull%26NativeFloor%3Dyes&sc=1&cookie_enabled=1&abxe=1&dt=1674220432737&lmt=1674220432&dlt=1674220431462&idt=912&adxs=436%2C-9%2C-9%2C-9&adys=189%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fboxofficeindia.com%2F&frm=20&vis=1&psz=1015x100%7C0x-1%7C0x-1%7C0x-1&msz=728x-1%7C0x-1%7C0x-1%7C0x-1&fws=0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&ga_vid=461281065.1674220432&ga_sid=1674220433&ga_hid=516314689&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

413b7da439e6deb047601bef26cdf233376cbb955cfebc1b22299b94917c403e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 465
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
13 KB 381ms
380ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1312335167255230&correlator=401630764811599&eid=44761477&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=1067277%2CATD_BoxofficeIndia%2CATD_160x600_LHS%2CATD_160x600_RHS%2CATD_300x250_Desktop_Homepage_BTF%2CATD_300x250_Desktop_Homepage_INR&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F3%2C0%2F1%2F4%2C0%2F1%2F5&prev_iu_szs=160x600%2C160x600%2C300x250%2C300x250&ifi=5&adks=3969133608%2C2430886994%2C924216401%2C1904640850&didk=206509830~3695170705~862884592~846366556&sfv=1-0-40&prev_scp=mod%3Dfi%7Cmod%3Dfi%7Cmod%3Dfi%7Cmod%3Dfi&eri=1&cust_params=url%3D%252F%26ref%3Dnull%26NativeFloor%3Dyes&sc=1&cookie_enabled=1&abxe=1&dt=1674220432754&lmt=1674220432&dlt=1674220431462&idt=912&adxs=64%2C1376%2C992%2C305&adys=184%2C184%2C1334%2C887&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C0&ucis=5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fboxofficeindia.com%2F&frm=20&vis=1&psz=287x610%7C287x610%7C300x0%7C300x0&msz=160x-1%7C160x-1%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=160%2C160%2C310%2C310&ga_vid=461281065.1674220432&ga_sid=1674220433&ga_hid=516314689&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65def74639527e336c76a6017b6f3f94dff5e58b610f726cb0ed3ab16e30300f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12809
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
15 KB 103ms
102ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1312335167255230&correlator=401630764811599&eid=44761477&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=36888185%2CDWTag-DFPOld_RS00_Boxofficeindia_DWV_300x250_180321&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&adks=3949431089&didk=319839315&sfv=1-0-40&eri=1&cust_params=url%3D%252F%26ref%3Dnull%26NativeFloor%3Dyes&sc=1&cookie_enabled=1&abxe=1&dt=1674220432760&lmt=1674220432&dlt=1674220431462&idt=912&adxs=955&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fboxofficeindia.com%2F&frm=20&vis=1&psz=350x-1&msz=350x-1&fws=4&ohw=1010&ga_vid=461281065.1674220432&ga_sid=1674220433&ga_hid=516314689&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9286c96d8591a8c782c5287341719e85fd559eb045e6df83e4c9076ac0b918b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15813
x-xss-protection: 0
google-lineitem-id: 5646871195
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343507157
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
590 B 330ms
329ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1312335167255230&correlator=401630764811599&eid=44761477&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=21622890900%3A1067277%2CSG_boxofficeindia.com_res_article_top2_970x90%2C728x90%2C300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=728x90%7C970x90&ifi=10&adks=1259618130&didk=2825456939&sfv=1-0-40&eri=1&cust_params=url%3D%252F%26ref%3Dnull%26NativeFloor%3Dyes&sc=1&cookie_enabled=1&abxe=1&dt=1674220432765&lmt=1674220432&dlt=1674220431462&idt=912&adxs=293&adys=40&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fboxofficeindia.com%2F&frm=20&vis=1&psz=1015x0&msz=728x0&fws=128&ohw=0&ga_vid=461281065.1674220432&ga_sid=1674220433&ga_hid=516314689&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac20e4522d098b7b8bce660844dd51288814a4744c394ecb0b6f8a07b220f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 560
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 602ms
601ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1312335167255230&correlator=401630764811599&eid=44761477&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=21622890900%3A1067277%2CSG_boxofficeindia.com_res_article_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=11&adks=3931964080&didk=2825456941&sfv=1-0-40&eri=1&cust_params=url%3D%252F%26ref%3Dnull%26NativeFloor%3Dyes&sc=1&cookie_enabled=1&abxe=1&dt=1674220432770&lmt=1674220432&dlt=1674220431462&idt=912&adxs=1353&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fboxofficeindia.com%2F&frm=20&vis=1&psz=0x-1&msz=195x-1&fws=640&ohw=0&ga_vid=461281065.1674220432&ga_sid=1674220433&ga_hid=516314689&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1899349385d78d3f1288d6d99d1281732632bf41c1aa9e1d5658ee0ed5b2b34d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9667
x-xss-protection: 0
google-lineitem-id: 6070950844
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138399421501
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 09EE 6 KB
3 KB 223ms
80ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Sat, 20 Jan 2024 13:13:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
314 B 19ms
15ms XHR
text/plain 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fboxofficeindia.com&pubid=35d747a1-6323-41da-b924-5619ae9c6503
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:04:50 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 11342
x-cache: Hit from cloudfront
access-control-allow-origin: https://boxofficeindia.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: WK6V1RNuBugHlIbzlzAxAEDXFBTpWzHuEG74kn2Nr4Oizy7lenYDpw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
465 B 333ms
52ms XHR
text/javascript 13.32.28.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fboxofficeindia.com%2F&pid=6AiY9ByFTISXX&cb=0&ws=1600x1200&v=23.112.1442&t=2000&slots=%5B%7B%22sd%22%3A%22fi-ash-1666181839-3321%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%221067277%2FATD_BoxofficeIndia%2FATD_160x600_LHS%22%7D%2C%7B%22sd%22%3A%22fi-ash-1666181847-6201%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%221067277%2FATD_BoxofficeIndia%2FATD_160x600_RHS%22%7D%2C%7B%22sd%22%3A%22ATD_BOI-D-hp-300x250-btf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%221067277%2FATD_BoxofficeIndia%2FATD_300x250_Desktop_Homepage_BTF%22%7D%2C%7B%22sd%22%3A%22ATD_BOI-D-hp-300x250-INR%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%221067277%2FATD_BoxofficeIndia%2FATD_300x250_Desktop_Homepage_INR%22%7D%5D&schain=1.0%2C1!automatad.com%2C2311913246141861%2C1%2C%2C%2C&pubid=35d747a1-6323-41da-b924-5619ae9c6503&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.28.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-28-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 3B68NXAX82J3AHYYJCGR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tKYt2OvcEMHGF1Ux-rmugArgeohAO-5BFUWdxqe7mVQJBqjI2m96kQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
8ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
date: Fri, 20 Jan 2023 06:37:13 GMT
x-amz-cf-pop: FRA56-C2
age: 24946
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: DxvxXlHeFpcQ9EkolALrsiP1mEfe1_T4xHgPcMKSh6Cg-wwTRBbzYQ==

POST
H3 200 78c811df5cd72bc7 Show response
boxofficeindia.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame D116 2 B
701 B 40ms
39ms XHR
text/plain 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boxofficeindia.com/cdn-cgi/challenge-platform/h/g/cv/result/78c811df5cd72bc7
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674216000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8uSPEs%2Bu6rSnpczO%2FpdT6nYirBfPyJ%2Bb7NCDrZrW8J482YrohP9vUGkNTYzSzZWYM2KPotE%2Fa1XmJhiRGx%2BTSU6SeuDuSuf339LuCeVghro9w3lbDQh%2Fq%2FjFx62nl2g59pnlqSTsaYHHrDuhYo7gBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 78c811eb5932bb50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1,i=?0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0945 16 KB
6 KB 15ms
14ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/geo/amp_user_sync/load-cookies.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://b2cdn.automatad.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=52335
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Sat, 21 Jan 2023 03:46:08 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 container.html Show response
c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 771C 6 KB
3 KB 52ms
51ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Sat, 20 Jan 2024 13:13:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D678 6 KB
3 KB 50ms
48ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Sat, 20 Jan 2024 13:13:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 914C 6 KB
3 KB 51ms
47ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Sat, 20 Jan 2024 13:13:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6ABB 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1ey2rhP7NIasSWN-QfL6iVIzYEI55x3GGb5zrZLS5bhgLpLruFnLDIe4sJmHQBOouM0vaqRGhp9KAEjp_91eb2Vyz78w8diVnLuXJnBnDXp2eAomXEO4uetL92MHOOfwEEmrVCgfg2RviTea3hxUaoldgMLiyfMLer3uOrVbqysfF1ruvQUssmaqTMYufQt9bYsM-d-RGCipg4JkfDJUEFbKYLteSlBtvuXgCD5frjv0qnCZ6Qi9kP_cvxB72afzPEh3esY-9Xw1kek4wvpX9pAPF26y9YYBul7h5DbDNxYyx4ok_WzX82AFmrbbGQPkCQsiiWZUMmdYdUuLR9mgTf55ZOsVfCHZTjadoQPB3QwT2pp_8W3uCXFk&sai=AMfl-YRr78Ifs1DnfKCe8QFKKWJNeIdDfBRYDFP7E8J0MYDj9InApyLbT4Kqr6hP-2QZj8789dmmf8BXpMk6JhOH9TxV3_a97xUVnSyQVA1cO6ZCnHPMq1xgFqaGxNOgdOvEilqdhcGulbhUyMnazLhIPhw&sig=Cg0ArKJSzO-LREKmf3gCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6ABB 110 KB
43 KB 146ms
51ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-0000-00

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

031b90f87bb6806d4f731071d3d523523a1ec294e03b95ec7379c59b99c7f176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43981
x-xss-protection: 0
last-modified: Fri, 20 Jan 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Jan 2023 13:13:53 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6ABB 369 KB
124 KB 186ms
72ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125890
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:53 GMT

GET play.png
contentvideo-zt3fn6v93n.stackpathdns.com/ Frame 6ABB 0
0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6ABB 155 KB
48 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:53 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 21ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6cc6db1415c4eb3246fcd5829b4c6c29

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

534fc239e40fa8cf22d505124d16dc08812f0f0df75f8ec1caf677bc14fa4e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://boxofficeindia.com/
Origin: https://boxofficeindia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 13:13:53 GMT
content-md5: nmYIfqOssjNRSW4yHB2bHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86954
x-fb-rlafr: 0
x-fb-debug: /oC2Vmxs2VNQf0/gT9frslC/ScAV7NXKYsQUCbNbTtPpVyqmxvHHN1p6UwRHIJQ/Fx9BgJapsnLKn55Eb5xJLg==
x-fb-content-md5: 192ff56d9d7ef760bc007eab4b0ff8b1
cross-origin-opener-policy: same-origin-allow-popups
etag: "a0cb7415fce70a226df9d1390672ecc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 20 Jan 2024 10:51:52 GMT

GET
H/1.1 200
OK widget_iframe.3da3731af9a8a2b242ed5500485bb22f.html Show response
platform.twitter.com/widgets/ Frame 426E 320 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.3da3731af9a8a2b242ed5500485bb22f.html?origin=https%3A%2F%2Fboxofficeindia.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 557575
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Jan 2023 13:13:53 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Sat, 14 Jan 2023 01:38:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/673A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0945 2 KB
3 KB 60ms
14ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94958736&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: d50f0bc63643acdaeeb7588c1a3ee3cdd4a831a8a754172b8344492f167e9c9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 20 Jan 2023 13:13:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 771C 0
0 91ms
90ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxiBbkJPKY6yAM8TwzQaNxKCwA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBIECT9A2ly_YQR9x761YnYh-MpSWz870c3zvDBbHXY4eIUXRHdjWAImB1RWfYlsLU5Ieeb4ZNc2R0GrV5nIXQ9z7s0VVS0_1y1SDx2B5JxYjy-gxts49-g-tpbAXUMG3GQOKBqUr-c2gedGzNCFkYs0llNLUI8ijN8NkK9drwO6jZ6DixRhpxCd_ypz4za6C2qhUJnp0MDnQLUeoRUVp0T_cVmcTILYOgVN1zv6DgO8rjOYoDWBxFmC-6rQd-WQ4RDHjBAPKUZKJ2h7B2HQZoD_PnmcX0sFU7UWaMv5Z-KfXQ-vLvaD2yv7G2jVn00G8dPxcAtZkX-8Iy3JdXWOY6-Mznm3gBAGABoGgufejx8ap_QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTIyMDk3NTk0NjYyMjEwODkY3cwJ&sigh=_5Y5aXUr20s&uach_m=[UACH]&cid=CAQSTADq26N9kPudnN7PWPpXNd0E14l9K8ijj597nCsMUnfm4axQpmwiZCPETRLGxwfkt5o3HGmpySpEkYNM48TxKCoNg4n3g729ETmFxmwYASAT
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 771C 0
0 63ms
19ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kK64EsY1oAHYBJ2DYgICAAAAUxd-uSvkPRQQkJPKYzKnBfdkRGG3US0iABIAAA&wp=Y8qTkAAMwCwK03hEAAgiDTCIFoW4mCd0zr3p5A

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 254503
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 70DD 163 KB
52 KB 218ms
164ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y8qTkAAMwCwK03hEAAgiDTCIFoW4mCd0zr3p5A&u=%7CLUtkUpB2os78jm%2BbGVtuNUV%2FmgYDBRz6uhVZmw9Ovr4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MsVi-i0uD60dfGMAvXWXw-GY1w46P0pO3hhfJS0K0Z27bYRvROtxLhbnQTuSHtN-5UTlQGAhT6scV5R5iWBNkkNeMpwtoLhfW3rib_Ji6DFsHZnPCW6fRbpfaa7h2xNcP2DzXwsFXkRf0NvClyw1OJeEM9i4ZTNoZAPJFVE0GcIhXcB22QrGFleStWxoJrdLB0yEoqMHyHBv2E7ZDM9HAD31rWRISAkYjnPACel8tDHDj0U30-BSWbiZpezuTVo8l7qVkHEGp_r9Ciz7zJVeM9A6ERgJG1sJ7iENOLTafPgW7nMbr91wFDzJ0cZRK1StsQp4YG6lJa4ogjJXReSoROfTqCzByHlK-b9UyZRk6GcQPXfeFVfZ20ZXXQVClAU2hen9HWG8yxHUmxmKM5viWGc7o3CkeYUQ056-0i2r0F9sVPhJKVytNtA1M40W5QAxtowPnu-60BQN4mh4uLGRB0ZIqsnIa2xqhOEBU6NRhfArFBCLDbdaT2lXvz-8Eb-hBqzAKz8Yr3FDB2JsZyGank6u5FLWHYGwX89Bs-KU1HxQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4iL4kJPKY6yAM8TwzQaNxKCwA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBIQCT9A2ly_YQR9x761YnYh-MpSWz870c3zvDBbHXY4eIUXRHdjWAImB1RWfYlsLU5Ieeb4ZNc2R0GrV5nIXQ9z7s0VVS0_1y1SDx2B5JxYjy-gxts49-g-tpbAXUMG3GQOKBqUr-c2gedGzNCFkYs0llNLUI8ijN8NkK9drwO6jZ6DixRhpxCd_ypz4za6C2qhUJnp0MDnQLUeoRUVp0T_cVmcTILYOgVN1zv6DgO8rjOYoDWBxFmC-6rQd-WQ4RDHjBAPKUZKJ2h7B2HQZoD_PnmcX0sFU7UWaMv5ZuqX20WxEIbNJVuplCgjBK0iofkpWLM7m6yc1bYDiQ0-Abkm3jdKWn7vgBAGABoGgufejx8ap_QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KiPEa-PWSI9i44EXYsdhqTo7xKw%26client%3Dca-pub-2209759466221089%26adurl%3D

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

395a22013340078d7c3188431cdb2bd22bda878b332c6668957f688cf99ade1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1LTkEuAFKZZIiFqynilnkTy6dkIPvtnbYFmpGh4Ue9lGxVREzFyPTHoGyouE72HlrlruAEccDJJFag4a1RxSV7k6KUi9U8pVUGkpwKAUuX_Ijes7FMGwiRvGpEslhW4zqrzU3zCBmhTPdprsBUxYtpqLzvX9SvllV5DtcDu1U4bsUWltyf40IM_ljOPikdh2s9lwWfJkKgHv96m9S-i--UM0FPdiuqJV6TFGqCM-Ae_8U9CyESGr-JpnovZgybPb42c2dw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 87072177
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 771C 3 KB
1 KB 191ms
95ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 09:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 09:21:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 771C 18 KB
8 KB 132ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:49:02 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 771C 24 KB
7 KB 135ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 08:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Jan 2024 08:20:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 771C 155 KB
47 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:53 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 61ms
21ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:50:09 GMT
content-encoding: gzip
age: 1095824
x-guploader-uploadid: ADPycdt6iN4_QwReAjSC_LRG7vKFAXTDxCKMV2GXbUWI2CZkbUxvp16CdJB4GM5IU0zxTYK5GU9096eqDzRaDtbKrSxd5sgqSB-S
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 07 Jan 2024 20:50:09 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 62ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5acb6bfb13d8aa6e8433b58c8ee60164ca1946736ef8236e346adf5e240f6247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Jan 2023 22:25:06 GMT
server: nginx
etag: W/"63bde5c2-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 13:13:53 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 32ms
19ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15450
x-jsd-version: master
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfEvrl5cGMuQXqWjPUb7rDrauPPrfif0mGndwjlKjrvWwbdWfkDKr1C5nSXgycZEyQNJ0Twd1wNYrBdsNvVd9IKsTnQXTArc3f7Iy63RYAITwW48SwfZ8%2B5WUmbosYBRjxZ1xOD%2FBk0XcNzbXaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 78c811ed292f9bb0-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 72ms
29ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
server: cloudflare
x-amz-request-id: SA6HX3EQ47WC1XE3
age: 1573
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 78c811ed5f5a8fd0-FRA
x-amz-id-2: 79htdQ19spsqbMsNoVBRii35mzPQHvikWi7aJxn5SqG/UqOCZhz0q3HBXssmXjmjVXk3tTNwmSU=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 40ms
7ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 01:25:26 GMT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 42508
x-amz-server-side-encryption: AES256
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: 3l7DINGLh4sZAMxIRJBwnJem4mn2Z-APs3CkMpxwmQUBgh7ofaC6Bg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 52ms
9ms Script
text/javascript 2600:9000:211e:e200:a:e047:752:5701
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e200:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 00:57:50 GMT
Via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
Last-Modified: Thu, 22 Dec 2022 00:57:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 44164
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: rbu6vVwX3FcbZMN84sjThhd3uswnFS6FIMBADyNPCcxRw1PHuW7fuQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F9D0 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvITKN4UGtd6ReQRXU0A2uZ7YTGcRXaVsB_mQI8T0R2KRrAg5WtnojT7RsoVP3NOHehyHEf79Th7InnbJE-ammMB3iYvVm-omg5asa2MfJGqXN66llxKPSGCrbMZck7WjEdWyD-E8EEd4135JHGABb5YE6FNuntVOrTXp9lZkEQVh1YLS7AhHjGt-ITbgtsMB2M175DF6hCBuWGJQpYTni7kTs00mBfnu8DY85_kzlPqxE8Eo9H0xMITJyh5lTnAyJiEYh-lgVePtkDAvMY4sX4uy11Ou8MH-zHKWKno24pGoEK8ZUVrrwEXI5aNEoAcf1T5DoLaePoCI-N1g5XQ3IhwX_2QsWTAZr-IXkqUf7Qhkw1&sai=AMfl-YQzWy6KHMXiPaxujdo0Wqvt7AgudNOXZNUTdDTH69hyxclKpisQrrdpobzuHG0sNlY_EF0x33pOqoDoxoeysuOi5rTYLutavBSImxzqdsAJrlytUzZ9aVjyOU2wC9FlY5TDZ7lVmd8fAvFvmxB-WYc&sig=Cg0ArKJSzIF74BkRCfPfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 6354.js Show response
cnt.trvdp.com/js/1273/ Frame F9D0 3 KB
2 KB 44ms
12ms Script
application/javascript 65.9.66.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1273/6354.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25391474db3fb442237185add313339fe0768a200ba22ba2f5fd5133fb344c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 16:33:56 GMT
content-encoding: br
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jul 2022 16:58:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 13811998
etag: W/"09d4c514997775f8a4fb4a009c8fe1e4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: n6yO09NEUdm6yPMNNRdulLNhT-IkzZ6cwxi6Rou2Ydpf-lRbq6MJwA==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9D0 155 KB
47 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:53 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D678 0
0 91ms
91ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-gLukJPKY62AM8TwzQaNxKCwA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBIECT9BEN9jCPEoFc-V5KDRBRSDCtXPjQxcv-9jfOg428WdU2S69xRTsupivvjqVmYVty0MMGTnRI_ccJmBq2v06KzjfgWN2KQqqjTXlE23pCqKybqWOU_OZ6Mksn4aQJNXDq-bXi-NjXxUxysPOHLpgmCh69tFrqBnaRBgJAAMb5Wz5JT-9nlXtbqPam2s-y52wW2TwLZPT3iHCQYb9nOkGhkLjlxPVzLDJqkKoQoFKGBTn05lkctZJQoCuAWbOBCkouEQrnDQzuQWxVH_VoaM_IJcfUE1VYAhxYiM7LbKfs2GAQc3gKPGa9v0ELnhFgZe_nlOgl4ue2EFUwjZD34qybSTgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTIyMDk3NTk0NjYyMjEwODkY3cwJ&sigh=cJJesF0HJLI&uach_m=[UACH]&cid=CAQSTADq26N9kPudnN7PWPpXNd0E14l9K8ijj597nCsMUnfm4axQpmwiZCPETRLGxwfkt5o3HGmpySpEkYNM48TxKCoNg4n3g729ETmFxmwYASAT
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame D678 0
0 75ms
9ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLKVEMY1oAHYBJ2DYgICAAAAUxd-uSvkPRQQkJPKY78M7nLyBsdeHXv_ABIAAA&wp=Y8qTkAAMwC0K03hEAAgiDU5tNrgvpuKGguEGfg

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 193911
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 531F 144 KB
48 KB 164ms
141ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y8qTkAAMwC0K03hEAAgiDU5tNrgvpuKGguEGfg&u=%7CLUtkUpB2os485DixNcLNfUqd99xVsyi676hgia4oCYU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MsVi-i0uD60dwfPquqZpd7sT2FtFQEMJ8QkS3flevjC-mBH0jjflmym5fwHZZD6IxVVoGg7RhCYecG9PTSHApGeh8jQHCEes9AMjqAKngyqDwNnnpA6WjEzERnW1bgG6MNnu3__X9a1aeDHlaIyb0Rj9-ohhOBpGBiwTrnT_rF-v37Z1ulNuZuRRKICSUqnHIDlf8M1vbcHrClT_UklFLsBqE18u0iIsVVJ7Ex_l-7BAyFcGIJUtjxjPgiGajbM1e08C-P70VD-3N7Tw-N5_3_-72uEQNN5hny4znTMxSFiPiS9VCBlEuQMFUKYdvKPr2ssv6a4ZQVWnzW2kNNZZ2_BolLob7FcSF2Br6z9QCz07Ofg6Mj7wcJd0WwNX2TRzINg-L17Cb42ZCFYOGkIOicPDSJbRIQV5cuJo_N0s6rxS8_1nMtjckN5UW2dQXQOEw904xHxHUaX3oQSB_nAST43FOF0O-PQaSTP12rjRdbCWa0S-ZLqG56dpX0SJIpXp_KifT_hBS-gbSKX2NBKOh8dvxJiLhC1ZrIr_YmgxBQt_lCBSqcmdtz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC26zgkJPKY62AM8TwzQaNxKCwA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBIQCT9BEN9jCPEoFc-V5KDRBRSDCtXPjQxcv-9jfOg428WdU2S69xRTsupivvjqVmYVty0MMGTnRI_ccJmBq2v06KzjfgWN2KQqqjTXlE23pCqKybqWOU_OZ6Mksn4aQJNXDq-bXi-NjXxUxysPOHLpgmCh69tFrqBnaRBgJAAMb5Wz5JT-9nlXtbqPam2s-y52wW2TwLZPT3iHCQYb9nOkGhkLjlxPVzLDJqkKoQoFKGBTn05lkctZJQoCuAWbOBCkouEQrnDQzuQWxVH_VoaM_IJcfUE1VYAhxYiM7b7C-IeYP3d5ftOU5JsCi1nFRiyG1sEsiI0OjfrPr3BpbWiA2fpsyaQHgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Sr3z4LDAa0TpRm-VmALPY8p57jQ%26client%3Dca-pub-2209759466221089%26adurl%3D

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a37aa150ea52dcbe5e3ecf2da9945d0e9a2153ffe62e7fb01441498517fa5fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ItB_8OAFKZZIiFqyZ4alEPdJWB49ozfbsrI5HFJi4WEkBTXr3KfdOeK6ttGpPuXb13jCdLQZ-dDB6vNYSaTwyXEYX2DQjEWjRrz06JcZUtujbgcFxfSU9lqJgltzAipllUteSoBEIJKi9thZfM7cJ0pYblFaSkNZHlt7q8Sp86uSV0BKR1wy8UVPDAueZPWFLx7QgAiHQbXyyj6SzEMxn7H9wmwXNt4SY2bBQ93TXW0MKH2Y40Y8sZFdKuba1sqkq6Hv4w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 81647546
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame D678 3 KB
1 KB 162ms
97ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 09:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 09:21:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame D678 18 KB
7 KB 113ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:49:02 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D678 24 KB
6 KB 123ms
60ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 08:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Jan 2024 08:20:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D678 155 KB
47 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:53 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 914C 0
0 87ms
86ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCEeBkJPKY6-AM8TwzQaNxKCwA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBJUCT9BvhzwWk3zK3MdKzIfDdsfSQX223-OdZrJQP1FDiMF7-DpINDjbEO3c_n6AVMOoKgdOwDcPaFGBGVIF77D5y4HMwjFsfE0nxxJus-A6bCAyTju_M6LANc08fe_H583mYGTDhnWYcqGFjQJRs3J5LhtatqF0qQYtUseVvXQnva8MeiWzDzRK_5muUtNtnFCMNcba8fvBy_-udMEOHnTT4b1nfUqOJ4SGBq0DGTkJRnCjtyw8WEKQ2ts4MZ3bq8ciBrjCiNRTVyC1tx4wtZpoDO5Gfv1w0y4yxh3tgsdo2rwT_kIU4_yZwTqmqw1y2wf1wYG9nRB94PjLu0_B1Eq5Fh6fa5RjIGLkhFKIuMwmaO2tOWqU9OAEAYAGgaC596PHxqn9AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjIwOTc1OTQ2NjIyMTA4ORjdzAk&sigh=tpoMjfsdAsU&uach_m=[UACH]&cid=CAQSTADq26N9kPudnN7PWPpXNd0E14l9K8ijj597nCsMUnfm4axQpmwiZCPETRLGxwfkt5o3HGmpySpEkYNM48TxKCoNg4n3g729ETmFxmwYASAT
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 914C 0
0 25ms
18ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kK64Esc1rAL6AZ2DYgICAAAAUxd-uSvkPRQQkJPKY39cyxuFM1ALEh4YABIAAA&wp=Y8qTkAAMwC8K03hEAAgiDSVF2NkkTGmYFK-wbw

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 219635
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DED8 159 KB
51 KB 117ms
100ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y8qTkAAMwC8K03hEAAgiDSVF2NkkTGmYFK-wbw&u=%7CLUtkUpB2os7J8wY8znRsxbkBqQDCkIorK9t37P2SDo0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZ7UP1w9166g5OjKTCBzLsmxEri-jm_9_LOP0V2VNiOHFfSDdiriVaid2e6gQk2BZeeOS0mU5K-_w_YAsNkTp4BqY0fjHYoz6w9spgr0mFhktViKrClGEoxs6hEe9n4tjcfhzLRP5stGXDXphoJHESsfBMmpTsUHIh8_IUiE7eIiNm4mFXQ_qKjs9ONvrVtxZki6xRdRQ1_Fj-H7P4NEqGniN1YViCTwa9RPVdKYLuReJO7Wqe8m3TTH_sDCJyXp3QnM973KuBLSXAQzEj0k04XAD2yKZ4AnIBrLEn8Cc58Kmaf4ETyTwVe27wurCJEN64fY4434PhSckhw4nbUBtF6_RsfGQd_9aagwOGnAY_LAzJn-IedbYv40bR439p0g0y7nn_t8_uV64ezNbeh4UOkA0k8U2ZzwCbSTt8Av0fUC9av0M4mdQ_BW8IH1NfgsE0jIJ3WWZrgh9QtC48fZN2w88EhH_KbqjfgY-k_ZU8VqAfxlR4-NX5n3QpLD6Wmo6kDFkzFF5LJsB5UM1wICY5XaJVWo9U1Q36xd5d9hL35C0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn1ijkJPKY6-AM8TwzQaNxKCwA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBJgCT9BvhzwWk3zK3MdKzIfDdsfSQX223-OdZrJQP1FDiMF7-DpINDjbEO3c_n6AVMOoKgdOwDcPaFGBGVIF77D5y4HMwjFsfE0nxxJus-A6bCAyTju_M6LANc08fe_H583mYGTDhnWYcqGFjQJRs3J5LhtatqF0qQYtUseVvXQnva8MeiWzDzRK_5muUtNtnFCMNcba8fvBy_-udMEOHnTT4b1nfUqOJ4SGBq0DGTkJRnCjtyw8WEKQ2ts4MZ3bq8ciBrjCiNRTVyC1tx4wtZpoDO5Gfv1w0y4yxh3tgsdo2rwT_kIU4_yZwTqmqw1y2we3w6AvGp_h80dXr-wR6exBHwqV3Z5NOOBQTG8uSnM4RPUok-6HSxUAq-AEAYAGgaC596PHxqn9AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Fgz4OXm3-Q2ynz5v0fHgJAo0RlQ%26client%3Dca-pub-2209759466221089%26adurl%3D

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a22f51defd8d99845ab4b0959e14232a51a9f15d89eeb45713f4137f91ad1aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=NRoKfOAFKZZIiFqyuWektigYzKCqFQIKxgg4N4goe-TH-FbmCCiSAxIJsK15tL2QXWsS7B12DfuZqMuKET6_0bD7hCDnFLuHUfK9LL6su1Cxd6pgiKU8V4y6nbYPwNKJhd6PnRoKtDoa7maZtO9s6lqXsHDOSfUiOjTrt_-ylbubmwlqca-OD7idHolgbRaqLjix1oHbalm6TWwOp7DKXKG0nS2wZuuKWdBnnSGzZNEO9D5RlRdDeeOUHfXJntPVjVqVbQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 76409334
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 914C 3 KB
1 KB 155ms
96ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 09:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 09:21:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 914C 18 KB
7 KB 135ms
76ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:49:02 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 914C 24 KB
6 KB 148ms
90ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 08:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Jan 2024 08:20:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 914C 155 KB
47 KB 122ms
118ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:53 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 426E 1 KB
765 B 150ms
118ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2bbb9f2938eecd5756b527fb4f27d296bfe9ec80

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.3da3731af9a8a2b242ed5500485bb22f.html?origin=https%3A%2F%2Fboxofficeindia.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

fc081c346c34f8c2a7319043423eab223502fb8100390fa118c9ce57a07fd179

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 107
date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 20 Jan 2023 13:13:53 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 515768ef2ee04c10
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 7d4e3f51145fc53808b6c28d533032ce0fbfbd08c6a80961d11a92d937e3ac91
content-length: 445

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame F334
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=C833D44B-9EE7-47EB-B335-A7378C3B4075&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C833D44B-9EE7-47EB-B335-A7378C3B4075&gdpr=0&gdpr_consent=

35 B
477 B

38ms
16ms

Document
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C833D44B-9EE7-47EB-B335-A7378C3B4075&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C833D44B-9EE7-47EB-B335-A7378C3B4075&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4620
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:11b563ca-9391-4a00-86af-3c94f33f52a0&gdpr=0&gdpr_consent=

42 B
554 B

108ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:11b563ca-9391-4a00-86af-3c94f33f52a0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:13:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:13:53 GMT
Expires: Fri, 20 Jan 2023 13:13:52 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 357 2feb0b5 master cdg-pixel-x35 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:11b563ca-9391-4a00-86af-3c94f33f52a0&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4955
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7480831859252040229

42 B
424 B

24ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7480831859252040229
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:13:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7480831859252040229
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 8073 43 B
363 B 147ms
24ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:52 GMT
expires: Fri, 20 Jan 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 688081
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D591
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4h-31e0f7YX5TbDQ4En51uwZsNf5G7aNsh6plot4

42 B
333 B

99ms
20ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4h-31e0f7YX5TbDQ4En51uwZsNf5G7aNsh6plot4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:13:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4h-31e0f7YX5TbDQ4En51uwZsNf5G7aNsh6plot4
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame F691
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C833D44B-9EE7-47EB-B335-A7378C3B4075&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C833D44B-9EE7-47EB-B335-A7378C3B4075&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

198ms
197ms

Document
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C833D44B-9EE7-47EB-B335-A7378C3B4075&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:13:53 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: RGBYEBRPK7F6ZXPXQ9B1

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 20 Jan 2023 13:13:53 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C833D44B-9EE7-47EB-B335-A7378C3B4075&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: WPE23MKWCD3K7Z9AE8SE

GET
H2

200

setuid Show response
us-east-pbs.automatad.com/ Frame B63C
Redirect Chain

https://us-east-pbs.automatad.com//setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C833D44B-9EE7-47EB-B335-A7378C3B4075
https://us-east-pbs.automatad.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C833D44B-9EE7-47EB-B335-A7378C3B4075

0
486 B

93ms
93ms

Document
text/plain

143.244.214.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C833D44B-9EE7-47EB-B335-A7378C3B4075

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.214.118 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-envoy-upstream-service-time: 0

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 132
content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: 0
location: /setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C833D44B-9EE7-47EB-B335-A7378C3B4075
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-envoy-upstream-service-time: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0945
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yDPUS57nR-uzNac3jDtAdQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

8ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=52334
accept-ranges: bytes
content-length: 5554
expires: Sat, 21 Jan 2023 03:46:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 0945
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=C833D44B-9EE7-47EB-B335-A7378C3B4075&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

55ms
55ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 0945
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C833D44B-9EE7-47EB-B335-A7378C3B4075&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C833D44B-9EE7-47EB-B335-A7378C3B4075&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C833D44B-9EE7-47EB-B335-A7378C3B4075&addseg=19,36,42

0
0

79ms
19ms

Image
application/json

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C833D44B-9EE7-47EB-B335-A7378C3B4075&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 Jan 2023 13:13:53 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C833D44B-9EE7-47EB-B335-A7378C3B4075&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0945
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzgzM0Q0NEItOUVFNy00N0VCLUIzMzUtQTczNzhDM0I0MDc1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:13:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0945
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELCGPOirah1m1eNKIN5G8dk&google_cver=1

42 B
376 B

19ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELCGPOirah1m1eNKIN5G8dk&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:13:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELCGPOirah1m1eNKIN5G8dk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 0945 43 B
610 B 140ms
25ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 19 Jan 2023 13:13:53 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0945
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4069378680133100416

42 B
297 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4069378680133100416
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:13:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4069378680133100416
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0945 70 B
265 B 157ms
45ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fboxofficeindia.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fboxofficeindia.com%2F&rid=esp&cc=1

85 B
203 B

116ms
115ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fboxofficeindia.com%2F&rid=esp&cc=1
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: d2abbb68e5d9d8f5c6b98fb4224e57b285a3fe7ee43efb55a279f4b48d820ae6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-49yMIfFS1J1CgGpFpbNCQNcdWNY"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://boxofficeindia.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 20 Jan 2023 13:13:53 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://boxofficeindia.com
location: /esp?url=https%3A%2F%2Fboxofficeindia.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6ABB 49 KB
20 KB 67ms
55ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-0000-00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 12:21:47 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3126
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20085
expires: Fri, 20 Jan 2023 14:21:47 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 462D 15 KB
6 KB 97ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=boxofficeindia.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 378669
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 80ms
14ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://boxofficeindia.com
date: Fri, 20 Jan 2023 13:13:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
DATA 200
OK truncated
/ Frame 6ABB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0fa7589f095c1cb21c6558bbf9da004975d5424f838c5a0a8cb97bc814c6902

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DED8 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y8qTkAAMwC8K03hEAAgiDSVF2NkkTGmYFK-wbw&u=%7CLUtkUpB2os7J8wY8znRsxbkBqQDCkIorK9t37P2SDo0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZ7UP1w9166g5OjKTCBzLsmxEri-jm_9_LOP0V2VNiOHFfSDdiriVaid2e6gQk2BZeeOS0mU5K-_w_YAsNkTp4BqY0fjHYoz6w9spgr0mFhktViKrClGEoxs6hEe9n4tjcfhzLRP5stGXDXphoJHESsfBMmpTsUHIh8_IUiE7eIiNm4mFXQ_qKjs9ONvrVtxZki6xRdRQ1_Fj-H7P4NEqGniN1YViCTwa9RPVdKYLuReJO7Wqe8m3TTH_sDCJyXp3QnM973KuBLSXAQzEj0k04XAD2yKZ4AnIBrLEn8Cc58Kmaf4ETyTwVe27wurCJEN64fY4434PhSckhw4nbUBtF6_RsfGQd_9aagwOGnAY_LAzJn-IedbYv40bR439p0g0y7nn_t8_uV64ezNbeh4UOkA0k8U2ZzwCbSTt8Av0fUC9av0M4mdQ_BW8IH1NfgsE0jIJ3WWZrgh9QtC48fZN2w88EhH_KbqjfgY-k_ZU8VqAfxlR4-NX5n3QpLD6Wmo6kDFkzFF5LJsB5UM1wICY5XaJVWo9U1Q36xd5d9hL35C0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn1ijkJPKY6-AM8TwzQaNxKCwA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBJgCT9BvhzwWk3zK3MdKzIfDdsfSQX223-OdZrJQP1FDiMF7-DpINDjbEO3c_n6AVMOoKgdOwDcPaFGBGVIF77D5y4HMwjFsfE0nxxJus-A6bCAyTju_M6LANc08fe_H583mYGTDhnWYcqGFjQJRs3J5LhtatqF0qQYtUseVvXQnva8MeiWzDzRK_5muUtNtnFCMNcba8fvBy_-udMEOHnTT4b1nfUqOJ4SGBq0DGTkJRnCjtyw8WEKQ2ts4MZ3bq8ciBrjCiNRTVyC1tx4wtZpoDO5Gfv1w0y4yxh3tgsdo2rwT_kIU4_yZwTqmqw1y2we3w6AvGp_h80dXr-wR6exBHwqV3Z5NOOBQTG8uSnM4RPUok-6HSxUAq-AEAYAGgaC596PHxqn9AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Fgz4OXm3-Q2ynz5v0fHgJAo0RlQ%26client%3Dca-pub-2209759466221089%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:53 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DED8 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:53 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DED8 308 B
636 B 15ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 15 Jan 2024 13:13:53 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DED8 293 B
621 B 23ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 15 Jan 2024 13:13:53 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame DED8 43 B
348 B 61ms
21ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=f8J-GkCnlyp8DSJRaHeepeUJmRKzpOjgYGTB7OhK78qBbgZFbmvjnPFIClw_InBYkuMB2C6Pn87HrR2ZAj8tTAgIH6MxoWuMJGaO6UU9jFBPnTzvvuez4hfqbvJocHUVqh3JguQmxRCnzLsDX__Fp83LEOtdDD6J9A3nk9ZM4le6xIWAdPEx-wz820XgiBYqPDJnB6t78M03cDVwSLSK94RyufM58WiRBLZnyRWeQMaLqODhjBEgXO97_F8MgMBogHBXnQ9aR2_BqslwkQhcsBF0aWk9gtvGseQOtTppTRk5AeXTXt9vtSSvdSGZHZ0diVD-cjMU00Grz11_9hBvltC53TYlJM7kN-2lqd0fVGbkH_8udIl8bKN4MelHKFuCEXPcaZPxrDIYc9blcvdKNjKjcxZ4yxRZGi2Z9J-m1gLmT1Wk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5472210
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F9D0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b51cd1acb539f1ef702ba2de6fd91f9483593f83586b51e441e4b3621ef6ed39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F9D0 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXai5XX9knSkT7eYb_kqEz18yI0BG5Fp9RZjCD6LRxpqcCaAAUkp4sryIEHuCb_ovlt_NBBX5_NrVwcjw5_h_I5okyN1bR-U4DcD_3bS-sHZ0TnHcOA3XpdSFYXPPGy2uTcangh0DS6Gt1yCNDknSi4Jec9HXzBEVlgonICuNRgZcgH5Ya2vnxS6PwrEqRx2AT5Fx84HZ778zCHgqxhLNOkEj4vUyYwLmw5psRein-Itz5sco-NFCIgNSDaYrNVjI4W8uo08r2HZUx3GR2hEAOiodO14zzaSY69ZQr6a1f8Qc0CVaNl9jvHiecCYdkE_5pWXAvmDQ21223-0n1RIC-N8Ne6VRstYMupLFfoyINCyqiYsk&sai=AMfl-YQeFBa9LGKGjBeRrKGRwKn7oNgWvStx0zx85DrylfptNqx40woBX8c8jYN98STmcCSk5c70Qug0oJlDBTKisutmYyapcmbPP32v4et3jOPmhBZnPJn69kNx6btG_uVPDG9FBErS0_ji8ob71oBSM3A&sig=Cg0ArKJSzPPaCojKZXt9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:53 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
337 B 111ms
30ms XHR
application/json 52.51.78.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.78.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-78-49.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8d137714e0e03900770ae03a9a0aaf0a126e0be6eb618702463a4e79b83c2294

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache
x-server: 10.45.17.113
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 531F 2 KB
1 KB 19ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y8qTkAAMwC0K03hEAAgiDU5tNrgvpuKGguEGfg&u=%7CLUtkUpB2os485DixNcLNfUqd99xVsyi676hgia4oCYU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MsVi-i0uD60dwfPquqZpd7sT2FtFQEMJ8QkS3flevjC-mBH0jjflmym5fwHZZD6IxVVoGg7RhCYecG9PTSHApGeh8jQHCEes9AMjqAKngyqDwNnnpA6WjEzERnW1bgG6MNnu3__X9a1aeDHlaIyb0Rj9-ohhOBpGBiwTrnT_rF-v37Z1ulNuZuRRKICSUqnHIDlf8M1vbcHrClT_UklFLsBqE18u0iIsVVJ7Ex_l-7BAyFcGIJUtjxjPgiGajbM1e08C-P70VD-3N7Tw-N5_3_-72uEQNN5hny4znTMxSFiPiS9VCBlEuQMFUKYdvKPr2ssv6a4ZQVWnzW2kNNZZ2_BolLob7FcSF2Br6z9QCz07Ofg6Mj7wcJd0WwNX2TRzINg-L17Cb42ZCFYOGkIOicPDSJbRIQV5cuJo_N0s6rxS8_1nMtjckN5UW2dQXQOEw904xHxHUaX3oQSB_nAST43FOF0O-PQaSTP12rjRdbCWa0S-ZLqG56dpX0SJIpXp_KifT_hBS-gbSKX2NBKOh8dvxJiLhC1ZrIr_YmgxBQt_lCBSqcmdtz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC26zgkJPKY62AM8TwzQaNxKCwA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBIQCT9BEN9jCPEoFc-V5KDRBRSDCtXPjQxcv-9jfOg428WdU2S69xRTsupivvjqVmYVty0MMGTnRI_ccJmBq2v06KzjfgWN2KQqqjTXlE23pCqKybqWOU_OZ6Mksn4aQJNXDq-bXi-NjXxUxysPOHLpgmCh69tFrqBnaRBgJAAMb5Wz5JT-9nlXtbqPam2s-y52wW2TwLZPT3iHCQYb9nOkGhkLjlxPVzLDJqkKoQoFKGBTn05lkctZJQoCuAWbOBCkouEQrnDQzuQWxVH_VoaM_IJcfUE1VYAhxYiM7b7C-IeYP3d5ftOU5JsCi1nFRiyG1sEsiI0OjfrPr3BpbWiA2fpsyaQHgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Sr3z4LDAa0TpRm-VmALPY8p57jQ%26client%3Dca-pub-2209759466221089%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:53 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 531F 2 KB
1 KB 17ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:53 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 531F 308 B
636 B 18ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 531F 293 B
621 B 19ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 531F 43 B
347 B 20ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4DpCv3iexNloby8hKU2tbuy34mdmTSLo8QAafqn6JZTKubSJT5oevho0xNLbthqBeQV3NEfKMLErpMZANY-Bat8kp2YDMRVNrshLHkwzuvQ_EfCqnpzl7Gxu71-_FiCaxPVk70t96sbAaBgyFlT3fCbIdZpH0u6r6plkO9-g-NcMELgZMTPjuZYTKxkCrJYK3hDXEUj-Ynj3ERhhuA9RHZ31h6WSYJZ7G7nTCWosERF2HMd_xRP06BVLVGd1tqMwMcmdCx6cJjtqynRcbooL-UbWIyTaH_uyDgc3mKl8e6ONg90wq1uEhfOeqnvg1IX6zqL2yUvePEeMPbuwNmBkNTJUeGhGdXCfLyeIFD8PTKsN5GBoKuIDkKeC7f7NC_nWY4LQiY30ijo0mh3Xnd98WLNZCoVjF5JqAFQFSIheLkGTVsK5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3701651
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 531F 60 B
60 B 63ms
17ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=63ca93918e19f6cd7840187eaa61030c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 20 Jan 2023 01:13:54 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1051
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 70DD 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y8qTkAAMwCwK03hEAAgiDTCIFoW4mCd0zr3p5A&u=%7CLUtkUpB2os78jm%2BbGVtuNUV%2FmgYDBRz6uhVZmw9Ovr4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MsVi-i0uD60dfGMAvXWXw-GY1w46P0pO3hhfJS0K0Z27bYRvROtxLhbnQTuSHtN-5UTlQGAhT6scV5R5iWBNkkNeMpwtoLhfW3rib_Ji6DFsHZnPCW6fRbpfaa7h2xNcP2DzXwsFXkRf0NvClyw1OJeEM9i4ZTNoZAPJFVE0GcIhXcB22QrGFleStWxoJrdLB0yEoqMHyHBv2E7ZDM9HAD31rWRISAkYjnPACel8tDHDj0U30-BSWbiZpezuTVo8l7qVkHEGp_r9Ciz7zJVeM9A6ERgJG1sJ7iENOLTafPgW7nMbr91wFDzJ0cZRK1StsQp4YG6lJa4ogjJXReSoROfTqCzByHlK-b9UyZRk6GcQPXfeFVfZ20ZXXQVClAU2hen9HWG8yxHUmxmKM5viWGc7o3CkeYUQ056-0i2r0F9sVPhJKVytNtA1M40W5QAxtowPnu-60BQN4mh4uLGRB0ZIqsnIa2xqhOEBU6NRhfArFBCLDbdaT2lXvz-8Eb-hBqzAKz8Yr3FDB2JsZyGank6u5FLWHYGwX89Bs-KU1HxQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4iL4kJPKY6yAM8TwzQaNxKCwA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBIQCT9A2ly_YQR9x761YnYh-MpSWz870c3zvDBbHXY4eIUXRHdjWAImB1RWfYlsLU5Ieeb4ZNc2R0GrV5nIXQ9z7s0VVS0_1y1SDx2B5JxYjy-gxts49-g-tpbAXUMG3GQOKBqUr-c2gedGzNCFkYs0llNLUI8ijN8NkK9drwO6jZ6DixRhpxCd_ypz4za6C2qhUJnp0MDnQLUeoRUVp0T_cVmcTILYOgVN1zv6DgO8rjOYoDWBxFmC-6rQd-WQ4RDHjBAPKUZKJ2h7B2HQZoD_PnmcX0sFU7UWaMv5ZuqX20WxEIbNJVuplCgjBK0iofkpWLM7m6yc1bYDiQ0-Abkm3jdKWn7vgBAGABoGgufejx8ap_QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3KiPEa-PWSI9i44EXYsdhqTo7xKw%26client%3Dca-pub-2209759466221089%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:53 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 70DD 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:53 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 70DD 308 B
636 B 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 70DD 293 B
621 B 17ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 70DD 43 B
347 B 20ms
20ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=iH38u6YmXNYH3zpEVlQcJH5HHahgBaAl_DV2WRndKBfksLEGYxY-GZ4wVdAdWloWoWUq8GaFV0qvLLUzzsXdg5nPvSQHRlG58MYvQGeodyO9hayfwAdhQzDNBA1dsd6mci32IFZhcyrggNkBBQ9NK9E_Et1MoKYu_8izZoXReDWb9OKMU8DELcvEj-xVVZ9JCBSsoqMDISxiuE_JZ88oQzvzXYEUCwGB7Z6UD2eH4GQAu9jA7lC4XYZLES7Z_0-CmqNza4hGbHtV9XVFwCOFptoBP9Ab-OfG5BObtJVQS7ZMCPQFDisDXN4JS_csF0x2C2d4WjywtHvyMAF33R5g2-kToFZSmLlGVpj6MQ-7HZZFFOwKrXn6vMH4hs4r53PZjHofigZxs_EIbp1LUxw1z_Ue24W8-CW1gq0v9PbqC_Md175e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4469300
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bridge3.552.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AA35 703 KB
224 KB 37ms
35ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 92272
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 228701
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 11:36:01 GMT
expires: Fri, 19 Jan 2024 11:36:01 GMT
last-modified: Wed, 18 Jan 2023 17:45:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6ABB 44 KB
17 KB 152ms
50ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 13:13:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6ABB 107 B
165 B 50ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=boxofficeindia.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 771C 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddaee92fee93318ea0ba9d7ff7b7dfee03ad797a471d9ca4ba6b91f1ab22f852

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D678 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52d82f61e890a2eccbd961e0a1d98b17fe0f3a921a16ec9112de982f460b08ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame 462D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=boxofficeindia.com&sn=ChromeSyncframe&so=0&topUrl=boxofficeindia.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=GIm30nx4djFVWTBzUXlobFluK1NGUURZVW9zQmU3S1ZwY3k2b3RPZVg4V3VoRGR2bEVBZ1p6T0ZnV2h1MXY3SEE5eFRqSk5kMlBWWm1pbklLL3BHYTFrdmpNVG4wVzRuZ2FMVU9BU2htcStoRzNyaUw3dDVuZ0pzd28vOX...

457 B
675 B

163ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GIm30nx4djFVWTBzUXlobFluK1NGUURZVW9zQmU3S1ZwY3k2b3RPZVg4V3VoRGR2bEVBZ1p6T0ZnV2h1MXY3SEE5eFRqSk5kMlBWWm1pbklLL3BHYTFrdmpNVG4wVzRuZ2FMVU9BU2htcStoRzNyaUw3dDVuZ0pzd28vOXpyVW9yNCtrTHpIYjJLZkd2WCswaVd6Y2NBaWxBdm5tWCtHaG9Lc09UeEZsTXdPYUl0WkVlU0pUcTdrV0NNSTRGWVEvdGc2TVZoTy81ZHJjNEhkb2xZc3R6ck96bm9sQ2VIbmhTS3d0VWdEdmhiNWNNNm9KNkh5bWkyN3dLUCtTUU00Z29vckp1RHk4TCtNUEV6UExOelFqTnFrMmY4KzJPMmVFUmhRcjV3UzNBUjNuYVk5bz18&cppv=2

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

13c5edc70c2dd4cae60fca94f581c725f5171e7713f220904509b826d17c9be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2471678
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=GIm30nx4djFVWTBzUXlobFluK1NGUURZVW9zQmU3S1ZwY3k2b3RPZVg4V3VoRGR2bEVBZ1p6T0ZnV2h1MXY3SEE5eFRqSk5kMlBWWm1pbklLL3BHYTFrdmpNVG4wVzRuZ2FMVU9BU2htcStoRzNyaUw3dDVuZ0pzd28vOXpyVW9yNCtrTHpIYjJLZkd2WCswaVd6Y2NBaWxBdm5tWCtHaG9Lc09UeEZsTXdPYUl0WkVlU0pUcTdrV0NNSTRGWVEvdGc2TVZoTy81ZHJjNEhkb2xZc3R6ck96bm9sQ2VIbmhTS3d0VWdEdmhiNWNNNm9KNkh5bWkyN3dLUCtTUU00Z29vckp1RHk4TCtNUEV6UExOelFqTnFrMmY4KzJPMmVFUmhRcjV3UzNBUjNuYVk5bz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 533679
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame 914C 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48c2b68399188ca9126ec2d84cbe6be05bfde858638d6c2cc21623647222c212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 531F 2 KB
854 B 17ms
16ms Stylesheet
text/css 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e0-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 sourcesanspro-700.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 531F 2 KB
854 B 23ms
23ms Stylesheet
text/css 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:06 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e2-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 531F 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 c427df6a01b64b8fb2138012c1192df0_cpn_160x600_1.jpeg
static.criteo.net/design/dt/8721/221221/ Frame 531F 4 KB
4 KB 19ms
17ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/8721/221221/c427df6a01b64b8fb2138012c1192df0_cpn_160x600_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

23704322b850e6b3269f4c1c08fb3c0b044ba0e9cac5c97d0a678d0b2ee9ee80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 21 Dec 2022 16:33:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a3353f-f96"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 3990
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 346564652266430383433635aa9d8dc4_cpn_160x600_2.jpeg
static.criteo.net/design/dt/8721/221221/ Frame 531F 7 KB
7 KB 24ms
22ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/8721/221221/346564652266430383433635aa9d8dc4_cpn_160x600_2.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

abb95f784d3f421a15734562508278f0ca62c8cf311fcb1b5b00dc10b8bc2780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 21 Dec 2022 16:33:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a3353f-1bf5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7157
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 531F 17 KB
18 KB 83ms
30ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=108&m=0&partner=8721&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=316&s=qU1L2LTBxrh9KCgT4a8U_oid

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ace27aa432dd68df4d4d5baa26723966a2a68f3375ac4d5e0181585293f0e33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28900322
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17797
expires: Thu, 21 Dec 2023 01:05:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 531F 14 KB
14 KB 80ms
27ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F5%2F100137036717000_0_1653548469114.jpg&v=3&w=400&s=Q-QS4OESI5TwdMyTxns15JdT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

fe30b0eb242d447979902ed77ec663d5fe6c39688b11b3c0ab3812c4f854dea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=7145925
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13908
expires: Thu, 13 Apr 2023 06:12:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 531F 6 KB
6 KB 88ms
36ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F11%2F100136758112000_0_1669797454328.jpg&v=3&w=400&s=KZIUiOU33EiugudQm2bMTKaI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1479b7cf418d8d932ac2b6044097903935e3e9bd4528401dc0c31622d1c8b0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6207754
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5922
expires: Sun, 02 Apr 2023 09:36:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 531F 6 KB
7 KB 85ms
32ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F21%2F7%2F100121144711000_0_1625751725299.jpg&v=3&w=400&s=tNWz58jbGqdIWFKy3mHvEVho&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a6090a9ab628f7a52dd742bbd45aa76a312b354fc3437876c437ff500e7c43b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=5163406
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6552
expires: Tue, 21 Mar 2023 07:30:40 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 531F 0
127 B 195ms
15ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ItB_8OAFKZZIiFqyZ4alEPdJWB49ozfbsrI5HFJi4WEkBTXr3KfdOeK6ttGpPuXb13jCdLQZ-dDB6vNYSaTwyXEYX2DQjEWjRrz06JcZUtujbgcFxfSU9lqJgltzAipllUteSoBEIJKi9thZfM7cJ0pYblFaSkNZHlt7q8Sp86uSV0BKR1wy8UVPDAueZPWFLx7QgAiHQbXyyj6SzEMxn7H9wmwXNt4SY2bBQ93TXW0MKH2Y40Y8sZFdKuba1sqkq6Hv4w&sds=2&rev=84230&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 531F 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 531F 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 6ABB 2 B
22 B 68ms
67ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=457526820&t=pageview&_s=1&dl=https%3A%2F%2Fboxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=QACAAUABAAAAACAAI~&jid=1172125044&gjid=1299300391&cid=461281065.1674220432&tid=UA-0000-00&_gid=1239052769.1674220432&_r=1&_slc=1&gtm=2ou1i0&z=1278464763

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 6ABB 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=457526820&t=event&_s=2&dl=https%3A%2F%2Fboxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&ec=general&ea=page_load&_u=QACAAUABAAAAACAAI~&jid=&gjid=&cid=461281065.1674220432&tid=UA-0000-00&_gid=1239052769.1674220432&gtm=2ou1i0&z=194650129

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 10:04:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11336
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 6ABB 35 B
55 B 48ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=457526820&t=event&_s=3&dl=https%3A%2F%2Fboxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&ec=general&ea=script_init&_u=QACAAUABAAAAACAAI~&jid=&gjid=&cid=461281065.1674220432&tid=UA-0000-00&_gid=1239052769.1674220432&gtm=2ou1i0&z=1365741659

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 10:04:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11336
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 6ABB 35 B
55 B 48ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=457526820&t=event&_s=4&dl=https%3A%2F%2Fboxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&ec=general&ea=requesting_ad&_u=QACAAUABAAAAACAAI~&jid=&gjid=&cid=461281065.1674220432&tid=UA-0000-00&_gid=1239052769.1674220432&gtm=2ou1i0&z=1892304166

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 10:04:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11336
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 6ABB 35 B
55 B 48ms
48ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=457526820&t=event&_s=5&dl=https%3A%2F%2Fboxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&ec=general&ea=preroll_requested&_u=QACAAUABAAAAACAAI~&jid=&gjid=&cid=461281065.1674220432&tid=UA-0000-00&_gid=1239052769.1674220432&gtm=2ou1i0&z=1228199981

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 10:04:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11336
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DED8 12 KB
5 KB 24ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1422582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64dHbcDf6EaPazx2Zr8S340pCkGv6m9QFPbo304%2BCbR2mBBCI2vmNnEJm%2B%2BZDceaHAWDV7reMGUXB4rts1QncV923dy4mCxraPCWiUmPHKujyNHM0xmXMc9C7%2FaxuobAqwU4%2BUcyj6EThzLrVjdVSNhV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78c811f26f0a2c37-FRA
expires: Wed, 10 Jan 2024 13:13:54 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DED8 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 707a1560151844358bb31c9960693369_volte.woff
static.criteo.net/design/dt/ Frame DED8 16 KB
17 KB 77ms
48ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/707a1560151844358bb31c9960693369_volte.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bdaf440044f36045a52fe5fb8148688d18cd9c550a59113d775466fb394aae0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 12 Apr 2021 13:10:07 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"607446af-41dc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 5181b99166334673b38bbc1271852cbd_cpn_300x250_1.jpeg
static.criteo.net/design/dt/25856/221214/ Frame DED8 77 KB
77 KB 36ms
33ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/25856/221214/5181b99166334673b38bbc1271852cbd_cpn_300x250_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3d3b68780eae098ece3083923cc9c1b9b37bd648f2626d880bb7fb91ad6e1d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 14 Dec 2022 11:02:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6399ad2b-13339"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 78649
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DED8 17 KB
17 KB 51ms
48ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=25856&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F25860%2F210420%2F6b6867d84aa844be8615feeb00108083_logo_n_horizontal_dark.png&v=3&w=596&s=oIFww68Kc8CmarH81ap6_Dag

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

565c47bce50b11a3565ddfcaa48680d9ceb7755ef248f522700852407c7dda40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29436370
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17486
expires: Wed, 27 Dec 2023 06:00:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DED8 15 KB
15 KB 36ms
33ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdw834309f8%2Fimages%2FB2C%2F22WAHA08_3029_8.jpg&v=3&w=400&s=lqX4GRwFxnO3_Ydeg8-Ed0KJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e7fbbb32af05f4be69ae359ff058e14359e5184e074362bf3f4eef5b111f7452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=696937
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15188
expires: Sat, 28 Jan 2023 14:49:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DED8 15 KB
16 KB 34ms
32ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdwafd7d1d2%2Fimages%2FB2C%2F22WWEW66_6003_3.jpg&v=3&w=400&s=1fKr4NWxC32GvvxXvqSrbWy1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3aff0524a9ae5a87944b63a4d3669c6073da520b425950fc61274837c5e514ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=317349
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15794
expires: Tue, 24 Jan 2023 05:23:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DED8 3 KB
4 KB 33ms
30ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdwe84fa7e6%2Fimages%2FB2C%2F22WAXA75_4092_1.jpg&v=3&w=400&s=ngy22uUVLnuWIy7pUAt1l7GL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

939be4b339b787c4c6428e6cfc831f09117f3795c99dc47a9eb4a33aed4815a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1790052
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3564
expires: Fri, 10 Feb 2023 06:28:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DED8 12 KB
12 KB 36ms
34ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdwfc96091c%2Fimages%2FB2C%2F22WGKK01_2000_1.jpg&v=3&w=400&s=mzmp16huy9GmeC6tYtpLrz1Q&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dbace09b21f1576fb9cd0a24220a5f2dc5b25945325d1c46c721ddaff2072d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=503679
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11938
expires: Thu, 26 Jan 2023 09:08:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DED8 15 KB
15 KB 33ms
31ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdw1d4a21f1%2Fimages%2FB2C%2F22WWEWB2_6057_1.jpg&v=3&w=400&s=LT3txRSZ2WK-VdzGURBklzrC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9cee5b4c731393a1586bf2c65f2cfdea32717a5631fb181a98c2ff33b1765e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2579940
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14986
expires: Sun, 19 Feb 2023 09:52:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DED8 10 KB
10 KB 33ms
32ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdw4fc70d37%2Fimages%2FB2C%2F22WAXP40_2000_1.jpg&v=3&w=400&s=7FDW_mpjKMSo45uj_gFpfqYJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3aa3317583484c809e4b726dac9cf4e62a4b850064ce0800be1922fa3168e469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=513086
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9960
expires: Thu, 26 Jan 2023 11:45:21 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DED8 0
128 B 65ms
14ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=NRoKfOAFKZZIiFqyuWektigYzKCqFQIKxgg4N4goe-TH-FbmCCiSAxIJsK15tL2QXWsS7B12DfuZqMuKET6_0bD7hCDnFLuHUfK9LL6su1Cxd6pgiKU8V4y6nbYPwNKJhd6PnRoKtDoa7maZtO9s6lqXsHDOSfUiOjTrt_-ylbubmwlqca-OD7idHolgbRaqLjix1oHbalm6TWwOp7DKXKG0nS2wZuuKWdBnnSGzZNEO9D5RlRdDeeOUHfXJntPVjVqVbQ&sds=2&rev=84230&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DED8 2 KB
1 KB 56ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DED8 2 KB
1 KB 54ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H/1.1 200
OK button.94bfed7557dd68e20db6633c9bba0c38.js Show response
platform.twitter.com/js/ 8 KB
3 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.94bfed7557dd68e20db6633c9bba0c38.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: aedd411d74001f9a93307a5b87b2e2d389d22779c4cc5f4c0ab771aac12c5cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:54 GMT
Content-Encoding: gzip
Age: 559492
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2621
Last-Modified: Sat, 14 Jan 2023 01:38:22 GMT
Server: ECS (frb/67AA)
Etag: "235a7099f96de798c812f6028e24157c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 70DD 12 KB
5 KB 16ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1422582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLhIggnPEJB1KcXA1tHdtiOusnQ4HBn02rL2YC6fM5g3l3furxl04i1B2TDEn7sVGcxtM0GJ1NAElNrKeJG83LsupGRiegTdxh28379GjljvCWgWs0%2Fvf66Nlr9Khz%2BhMiIq7TAzyTN76frORfYTvROM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78c811f2cfc82c37-FRA
expires: Wed, 10 Jan 2024 13:13:54 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 70DD 12 KB
6 KB 21ms
21ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 707a1560151844358bb31c9960693369_volte.woff
static.criteo.net/design/dt/ Frame 70DD 16 KB
17 KB 21ms
18ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/707a1560151844358bb31c9960693369_volte.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bdaf440044f36045a52fe5fb8148688d18cd9c550a59113d775466fb394aae0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 12 Apr 2021 13:10:07 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"607446af-41dc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70DD 15 KB
15 KB 18ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdw1d4a21f1%2Fimages%2FB2C%2F22WWEWB2_6057_1.jpg&v=3&w=400&s=LT3txRSZ2WK-VdzGURBklzrC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9cee5b4c731393a1586bf2c65f2cfdea32717a5631fb181a98c2ff33b1765e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2579939
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14986
expires: Sun, 19 Feb 2023 09:52:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70DD 15 KB
16 KB 20ms
19ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdwafd7d1d2%2Fimages%2FB2C%2F22WWEW66_6003_3.jpg&v=3&w=400&s=1fKr4NWxC32GvvxXvqSrbWy1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3aff0524a9ae5a87944b63a4d3669c6073da520b425950fc61274837c5e514ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=317349
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15794
expires: Tue, 24 Jan 2023 05:23:03 GMT

GET
H2 200 90a547d87f2341e9b7fa726aa6a3ad6c_cpn_160x600_1.jpeg
static.criteo.net/design/dt/25856/221214/ Frame 70DD 76 KB
77 KB 18ms
17ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/25856/221214/90a547d87f2341e9b7fa726aa6a3ad6c_cpn_160x600_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9f9198658c410a70ce864ab8c748dfafab5c964e8b64565400d6de7701277d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 14 Dec 2022 11:02:02 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6399ad2a-13106"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 78086
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70DD 25 KB
25 KB 20ms
19ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=108&m=0&partner=25856&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F25860%2F210420%2F6b6867d84aa844be8615feeb00108083_logo_n_horizontal_dark.png&v=3&w=316&s=WZRoXykyJozjFwlIvZEpw2Sr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3c48a5cbaf915ea1b0c3b1795890f4588c6a35a6f9aea2a2a8ad64ffa24e0a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29436369
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25201
expires: Wed, 27 Dec 2023 06:00:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70DD 9 KB
9 KB 22ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdw560138bd%2Fimages%2FB2C%2F22WAXA50_2000_2.jpg&v=3&w=400&s=zuZyoiXAfB-5J2sP8by8HgUw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a3ac5325b976f7f4c1edf2e0497494b1cf8fc9c589e5bd82adf0b4230918ef5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=869943
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8828
expires: Mon, 30 Jan 2023 14:52:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70DD 25 KB
25 KB 27ms
27ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdwb0541711%2Fimages%2FB2C%2F22WWEW98_3136_3.jpg&v=3&w=400&s=RcAyvPliUcRMiJz2t8NJ95A7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a1ee8635affe3c786246c033600b134e81cc62ac90554a789c33e900f8fc492a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1289159
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25472
expires: Sat, 04 Feb 2023 11:19:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70DD 11 KB
11 KB 22ms
22ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdwa1871e5b%2Fimages%2FB2C%2F22WWEW49_9019_1.jpg&v=3&w=400&s=zOvqj8kY6Q7kR8xXMM1xKajB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c2c49a392e8a7c23c0d5c0f5d0540c1902d76a7a138325a79339d14be48fc3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=323626
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11096
expires: Tue, 24 Jan 2023 07:07:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70DD 8 KB
8 KB 25ms
25ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=25856&q=80&r=0&u=https%3A%2F%2Fwww.desigual.com%2Fdw%2Fimage%2Fv2%2FBCVV_PRD%2Fon%2Fdemandware.static%2F-%2FSites-desigual-m-catalog%2Fdefault%2Fdw01f99458%2Fimages%2FB2C%2F22WWEWX3_4003_2.jpg&v=3&w=400&s=MXpd19eGZppMAyjoauwVjsch&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

fa51ad79774b75dc6dafcaf7036cee341866349b613e554eb977fff952f0615b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2488676
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8318
expires: Sat, 18 Feb 2023 08:31:51 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 70DD 0
127 B 15ms
15ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=1LTkEuAFKZZIiFqynilnkTy6dkIPvtnbYFmpGh4Ue9lGxVREzFyPTHoGyouE72HlrlruAEccDJJFag4a1RxSV7k6KUi9U8pVUGkpwKAUuX_Ijes7FMGwiRvGpEslhW4zqrzU3zCBmhTPdprsBUxYtpqLzvX9SvllV5DtcDu1U4bsUWltyf40IM_ljOPikdh2s9lwWfJkKgHv96m9S-i--UM0FPdiuqJV6TFGqCM-Ae_8U9CyESGr-JpnovZgybPb42c2dw&sds=2&rev=84230&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 20 Jan 2023 13:13:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 70DD 2 KB
1 KB 27ms
26ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 70DD 2 KB
1 KB 27ms
27ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 531F 13 KB
13 KB 23ms
23ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1df-32ec"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 sourcesanspro-700-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 531F 13 KB
13 KB 17ms
17ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e1-327c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 49ms
47ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 146 KB
28 KB 534ms
534ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1312335167255230&correlator=84069426092559&eid=44761477&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=1067277%2CATD_BoxofficeIndia%2CATD_160x600_LHS%2CATD_160x600_RHS%2CATD_300x250_Desktop_Homepage_BTF%2CATD_300x250_Desktop_Homepage_INR&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F3%2C0%2F1%2F4%2C0%2F1%2F5&prev_iu_szs=160x600%2C160x600%2C300x250%2C300x250&ifi=12&adks=3969133608%2C2430886994%2C924216401%2C1904640850&didk=206509830~3695170705~862884592~846366556&sfv=1-0-40&ris=2~2~2~2&rcs=1%2C1%2C1%2C1&prev_scp=mod%3Dfi%26amznbid%3D2%26amznp%3D2%7Cmod%3Dfi%26amznbid%3D2%26amznp%3D2%7Cmod%3Dfi%26amznbid%3D2%26amznp%3D2%7Cmod%3Dfi%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=url%3D%252F%26ref%3Dnull%26NativeFloor%3Dyes&sc=1&cookie=ID%3Da933d67a1d159c4c%3AT%3D1674220432%3AS%3DALNI_MaykqGtoMb-Emty8EET0yvaZ_73mQ&gpic=UID%3D00000bc71b5338d7%3AT%3D1674220432%3ART%3D1674220432%3AS%3DALNI_MYz8W9y1s997GbKJ1c1AYgkt-L8Ug&abxe=1&dt=1674220434489&lmt=1674220434&dlt=1674220431462&idt=912&adxs=64%2C1376%2C992%2C305&adys=179%2C179%2C1290%2C838&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C3%7C0&ucis=5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fboxofficeindia.com%2F&frm=20&vis=1&psz=287x600%7C287x600%7C300x0%7C300x250&msz=160x-1%7C160x-1%7C300x0%7C300x-1&fws=4%2C4%2C132%2C4&ohw=160%2C160%2C310%2C310&ga_vid=461281065.1674220432&ga_sid=1674220433&ga_hid=516314689&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpODB-twwSABSAghkEhkKCnB1YmNpZC5vcmcYtePB-twwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKTgwfrcMEgAUgIIZBIUCgVvcGVueBik4MH63DBIAFICCGQSGQoKdWlkYXBpLmNvbRik4MH63DBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfmwfrcMEgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

318ff7f2e7b9a5afb931617e125f53b7c66729847f3af37676e63b8ad1b26363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28754
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame 1FEA
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%25%25VGUID%25%25
https://us-east-pbs.automatad.com//setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=FtSJW8waQlVr&ev=1&pid=561205
https://us-east-pbs.automatad.com/setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=FtSJW8waQlVr&ev=1&pid=561205

0
572 B

94ms
93ms

Image
text/plain

143.244.214.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=FtSJW8waQlVr&ev=1&pid=561205

Protocol

Server

143.244.214.118 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=FtSJW8waQlVr&ev=1&pid=561205
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 134
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame D93C 0
91 B 56ms
20ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 20 Jan 2023 13:13:54 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 26ms
26ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 13:13:54 GMT

GET
H/1.1 200
OK tweet_button.3da3731af9a8a2b242ed5500485bb22f.en.html Show response
platform.twitter.com/widgets/ Frame C119 37 KB
14 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.3da3731af9a8a2b242ed5500485bb22f.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 9a9d9966204cf244b29a04ea352a528361631c9f22657c23b3e46904da3fc175

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 559477
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13752
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Jan 2023 13:13:54 GMT
Etag: "16fd6c3350b2c85cc790d536a19582da+gzip"
Last-Modified: Sat, 14 Jan 2023 01:38:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67AA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.3da3731af9a8a2b242ed5500485bb22f.en.html Show response
platform.twitter.com/widgets/ Frame 9E62 37 KB
14 KB 17ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.3da3731af9a8a2b242ed5500485bb22f.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 9a9d9966204cf244b29a04ea352a528361631c9f22657c23b3e46904da3fc175

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 559477
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13752
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Jan 2023 13:13:54 GMT
Etag: "16fd6c3350b2c85cc790d536a19582da+gzip"
Last-Modified: Sat, 14 Jan 2023 01:38:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67AA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
95 B 136ms
135ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fboxofficeindia.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1674220434572%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222b959255e8896%3A1673658205745%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=2bbb9f2938eecd5756b527fb4f27d296bfe9ec80

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 128
date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 20 Jan 2023 13:13:54 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 42f23c810678e1bb
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 7d4e3f51145fc53808b6c28d533032ce0fbfbd08c6a80961d11a92d937e3ac91
content-length: 43

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
146 B 115ms
114ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fboxofficeindia.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1674220434573%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222b959255e8896%3A1673658205745%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=2bbb9f2938eecd5756b527fb4f27d296bfe9ec80

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 107
date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 20 Jan 2023 13:13:54 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 5fd5d4ffc6cdff8c
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 7d4e3f51145fc53808b6c28d533032ce0fbfbd08c6a80961d11a92d937e3ac91
content-length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6ABB 0
0 85ms
85ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstygq_C8-cP2mW8isYIHUaRLvhDkZnDi4oy1TItFpTNBTkVECYvaGXTKt6vq1SL-ucvr1avhtb8qA086jprkcXhspy9SjVvSx7dYrdrpsFdCu68RZUrHL9KwesjosInez4XCracmL3wn9KLKvejphN5AYqTXvGWLiGXh4vJEKbAUW65ExahVKJRhlrjicT8m0Q9_bcsLfG7IZatDBJwYpR6LgGEU_V7U9dGrfSm_HvRO3xW05WiUjRpowxvCGmHsunSyiOTKYrdg6T0cv1xgLfLYUJPpyyCDytI61mNJ76-YbcZx63YYofUnz9IbIur3A6osSkla_280_vy5PPISzh-l_YBf_gUxFUO2wDDVYSFlTALfhfHzRTHC7DN-A&sai=AMfl-YRqaVevLKkT8Qml0pkx2haw2Y34KgmePqyFhsiF_Ucy_0HPEe4TeQ2AAjERMPn43Cre-Q3i_uvVBW9L94zxv3z6YXpoErrO7PjXaUyFmIvo4tEJEv1GMeHWQ5ZfEK4BZDQWTpw1sQq1vYTZp_GUIUE&sig=Cg0ArKJSzMMS7P2HxX5qEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:54 GMT

GET
H2 200 6354.js Show response
go.trvdp.com/init/ 6 KB
6 KB 59ms
8ms Script
binary/octet-stream 13.32.27.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/6354.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1273/6354.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3876f77e068beaac13746cbee0bfb32dfe596b5e8c270ce7fb87cae479d4e824

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 16:50:16 GMT
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 12:29:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 851019
etag: "a5f07340662e992c586a87c54874f41f"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: MKDF8zPXKSyX2QJLviHdzmXotJEWAnnxd27rnDvvK3DjjYB0afzh5Q==

GET
DATA 200
OK truncated
/ Frame C119 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame AA35 156 B
748 B 651ms
503ms XHR
text/xml 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F229445249%2C1067277%2FDWTag-DFPNew_RS75_Boxofficeindia_DWV_VAST_180321&description_url=https%3A%2F%2Fboxofficeindia.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2377494713905230&vpmute=1&sdkv=h.3.552.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=2963039908&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.552.0&sid=E06C941B-3EE4-4F0F-8E96-32009FDC98B4&a3p=EhwKDWNyd2RjbnRybC5uZXQYpODB-twwSABSAghkEhkKCnB1YmNpZC5vcmcYtePB-twwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKTgwfrcMEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lXR1p3TmtOUWVtSlJOR2xFVVUwelpWUXpkVzAzZHowOUluMD0Y1-jB-twwSAASGQoKdWlkYXBpLmNvbRik4MH63DBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfmwfrcMEgAUgIIag..&nel=0&eid=44748969%2C44765701%2C44777647&ref=https%3A%2F%2Fboxofficeindia.com%2F&url=https%3A%2F%2Fboxofficeindia.com%2F&dlt=1674220433284&idt=1165&dt=1674220434645&cookie=ID%3Da933d67a1d159c4c%3AT%3D1674220432%3AS%3DALNI_MaykqGtoMb-Emty8EET0yvaZ_73mQ&gpic=UID%3D00000bc71b5338d7%3AT%3D1674220432%3ART%3D1674220432%3AS%3DALNI_MYz8W9y1s997GbKJ1c1AYgkt-L8Ug&scor=4408933485369232&ged=ve4_td2_tt0_pd2_la2000_er253.980.253.980_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 25ms
25ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Jan 2023 22:25:06 GMT
server: nginx
etag: W/"63bde5c2-162a9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 13:13:54 GMT

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 160ms
108ms XHR
application/json 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1273&wid=6354&cb=1162.9708508957992&pid=4168&url=https%3A%2F%2Fboxofficeindia.com%2F
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6354.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 851ff9a0d3bb795b09dec095d015e6bc747f61e28fe488b43a0c4ee0e0e80353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://boxofficeindia.com
access-control-allow-credentials: true
x-amz-cf-id: O2_mlY6Tttq57-2d7pqhBAPZTsWMRC_LDTd0AqHbb0aFie5FLZ0aUA==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 161ms
88ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89d8bbac44cb215a224e514d58dfd1454dd78dae086cf8c1fb07cd12d758915a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11051
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v2.6/plugins/ Frame 3D3D 48 KB
18 KB 93ms
76ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23d9c827fd91b8%26domain%3Dboxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fboxofficeindia.com%252Ff12877e5371668%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fboxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6cc6db1415c4eb3246fcd5829b4c6c29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dfd82de41361dd3da4cc7225d61574f6e3a034fb1fcc671e361b66bf1af5de20

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 20 Jan 2023 13:13:54 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
origin-agent-cluster: ?0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 2Dl+1dXsa/8SvRcayB9/8YH8so2BBleaGTh6afSYhtYSXv0sM33QRck02u8E1+pR5P3RyD2AqYa865i2z9rVTg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v2.6/plugins/ Frame ABDE 48 KB
15 KB 86ms
76ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19bb7680005c4%26domain%3Dboxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fboxofficeindia.com%252Ff12877e5371668%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fboxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6cc6db1415c4eb3246fcd5829b4c6c29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

667544c59c528b0b85ebaab70faf271138a72f452d981a9e7c562a13e4aeee79

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 20 Jan 2023 13:13:54 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: lSEPuoyJ1dRg+YQd7IvKCzWJMHJHpHTI8UVpLorfsn4O7ZwWOAfdzFjzhvtKKlTO39YSgUEnM7jbqXyCExWxSA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1F9F 15 KB
6 KB 21ms
20ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=boxofficeindia.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 1079474
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H3 204 rum Show response
boxofficeindia.com/cdn-cgi/ 0
143 B 9ms
9ms XHR
text/plain 2606:4700:3034::6815:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://boxofficeindia.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:8ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type: application/json

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://boxofficeindia.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 78c811f52b83bb50-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1F9F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=boxofficeindia.com&sn=ChromeSyncframe&so=3&topUrl=boxofficeindia.com&bundle=xKg_3F9uSmt1TFlIRFFqektKUXBjZGZ3ZThJQTEyY2J1JTJGMzlVJTJCenVaVW...
https://mug.criteo.com/sid?cpp=mEsQ2HxCaFRRZm9XZTY1Skh2WVFZQkdCckJWbGZFRUVSTjRxVG93algrZ2tyWWZ6VkdoM3hLU1JGY1V4dXF1czZHMzhYM0ZrODA3V3VsWGdEaWl5dUdlakIwV3l1Uy9pZWtkNlFvMktzWlVldXpzNnZVWUVhNFkzOVAwRG...

457 B
679 B

17ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mEsQ2HxCaFRRZm9XZTY1Skh2WVFZQkdCckJWbGZFRUVSTjRxVG93algrZ2tyWWZ6VkdoM3hLU1JGY1V4dXF1czZHMzhYM0ZrODA3V3VsWGdEaWl5dUdlakIwV3l1Uy9pZWtkNlFvMktzWlVldXpzNnZVWUVhNFkzOVAwRG15alQ2eVl0WnV2MVdlRVpYZ1hNVCtvQSs0cGcxbFRudVhrNkZzSW9ZMUE5UmFKaTIvSWhLdjVrYzh4bmtudzAyYW0weUlVREQ3ZndHbFNGc0ZVbGl6MENWTG1mU2ppVnIvNFg4RS93aVQ4ajJZNENyc3VkaU5hZTRlaU43QUR2QzZERGM0WkZxL2lGOE4zemhHVG42dlhOb0hjdzAxLzVyMjUrc1pVenUzdUlCRHp0bGJRaz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9f5ec1975862442c9bad4ad2f77d18978e66cf77bd2ee88997e3522facf0bc21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1222436
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=mEsQ2HxCaFRRZm9XZTY1Skh2WVFZQkdCckJWbGZFRUVSTjRxVG93algrZ2tyWWZ6VkdoM3hLU1JGY1V4dXF1czZHMzhYM0ZrODA3V3VsWGdEaWl5dUdlakIwV3l1Uy9pZWtkNlFvMktzWlVldXpzNnZVWUVhNFkzOVAwRG15alQ2eVl0WnV2MVdlRVpYZ1hNVCtvQSs0cGcxbFRudVhrNkZzSW9ZMUE5UmFKaTIvSWhLdjVrYzh4bmtudzAyYW0weUlVREQ3ZndHbFNGc0ZVbGl6MENWTG1mU2ppVnIvNFg4RS93aVQ4ajJZNENyc3VkaU5hZTRlaU43QUR2QzZERGM0WkZxL2lGOE4zemhHVG42dlhOb0hjdzAxLzVyMjUrc1pVenUzdUlCRHp0bGJRaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 630803
content-length: 0
expires: 0

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 3D3D 299 B
548 B 8ms
7ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23d9c827fd91b8%26domain%3Dboxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fboxofficeindia.com%252Ff12877e5371668%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fboxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: /0jE0xXoQZTqxFfj48C7Tl2sOjQ0e/IxL6jR0dzmUY//kNxlPhGXgxfslaObusGf0Ch+7Uyz6Y1dZ4ypFJUk4w==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 12 Jan 2024 03:41:29 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame ABDE 299 B
447 B 7ms
7ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19bb7680005c4%26domain%3Dboxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fboxofficeindia.com%252Ff12877e5371668%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fboxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: /0jE0xXoQZTqxFfj48C7Tl2sOjQ0e/IxL6jR0dzmUY//kNxlPhGXgxfslaObusGf0Ch+7Uyz6Y1dZ4ypFJUk4w==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 12 Jan 2024 03:41:29 GMT

GET
H3 200 6hutxvQjw3A.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yu/l/en_US/ Frame 3D3D 526 KB
135 KB 8ms
8ms XHR
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yu/l/en_US/6hutxvQjw3A.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e66d97fa98180c0cd41e3a6fee8fc598218396f4b88712b61ba8c1c568b44be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LtVXseJrIuA25Mwep0eY3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 138203
x-fb-rlafr: 0
x-fb-debug: jxG3azqLrTvz/j44tTWo31yocUQuLZkqy1pRmS32j/SbGsx7XvFNfnF/c4thZ3TToElO2KU0ChxBpYK3hT98Dg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 Jan 2024 01:35:22 GMT

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.799/ 466 KB
128 KB 37ms
8ms Script
application/javascript 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.799/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6354.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-19.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b24ba59c742394e93e2e36f96f656da2c2141a082ace1e3a71873fc755cb050a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:41:08 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jan 2023 09:59:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 700367
etag: W/"922e444c4350bd6d0ffc27f17a9942cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fu8G_w7sI0ndl7dOYzYybj2BzR8qZGXNVe6iIY1eFlyONu40GZ2pew==

GET
H3 200 6hutxvQjw3A.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yu/l/en_US/ Frame ABDE 526 KB
135 KB 8ms
8ms XHR
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yu/l/en_US/6hutxvQjw3A.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19bb7680005c4%26domain%3Dboxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fboxofficeindia.com%252Ff12877e5371668%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fboxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e66d97fa98180c0cd41e3a6fee8fc598218396f4b88712b61ba8c1c568b44be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LtVXseJrIuA25Mwep0eY3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 138203
x-fb-rlafr: 0
x-fb-debug: jxG3azqLrTvz/j44tTWo31yocUQuLZkqy1pRmS32j/SbGsx7XvFNfnF/c4thZ3TToElO2KU0ChxBpYK3hT98Dg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 Jan 2024 01:35:22 GMT

GET
H2 200 6hutxvQjw3A.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yu/l/en_US/ Frame ABDE 526 KB
135 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yu/l/en_US/6hutxvQjw3A.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19bb7680005c4%26domain%3Dboxofficeindia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fboxofficeindia.com%252Ff12877e5371668%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fboxofficeindia.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e66d97fa98180c0cd41e3a6fee8fc598218396f4b88712b61ba8c1c568b44be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LtVXseJrIuA25Mwep0eY3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 138203
x-fb-rlafr: 0
x-fb-debug: jxG3azqLrTvz/j44tTWo31yocUQuLZkqy1pRmS32j/SbGsx7XvFNfnF/c4thZ3TToElO2KU0ChxBpYK3hT98Dg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 Jan 2024 01:35:22 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F9D0 42 B
64 B 136ms
136ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCKgI7J1IFbSk81GkX82yjyU4pBViXkYDZm-QwCL-TBIE4aKIbE_MbfIJOKTn4AmPkJeOHPPjnGu3GrJLEFJp2RZNr7Oc4qj_xhiJs8aj3-Nnso1Le&sig=Cg0ArKJSzGx3qCmgq2GJEAE&id=lidar2&mcvt=1000&p=1199,1599,1200,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3931964080&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674220433452&rpt=375&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 54 B
729 B 730ms
135ms XHR
text/plain 35.208.216.174
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=boxofficeindia.com&l1=6354&l2=boxofficeindia.com&l3=DE&l4=desktop&l5=5.799&cb=0.4037200268856125
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.799/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: cda446aa5202736d9e2cd7d2bc90bbd1f1bf5fa2f8555303a88c548095226220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:55 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://boxofficeindia.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 54

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E654 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:01:26 GMT
expires: Sat, 20 Jan 2024 13:01:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4131 783 B
999 B 302ms
186ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

59f36a852937a3e2f190333089e85f3ba843c791d3f6ead034f0357018cb9005

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AjAPNaS6pLyAs5uQJAUrEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-AjAPNaS6pLyAs5uQJAUrEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:55 GMT
expires: Fri, 20 Jan 2023 13:13:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame E654 36 KB
16 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 10:03:03 GMT

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame 1FEA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://us-east-pbs.automatad.com//setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677
https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677

0
661 B

94ms
94ms

Image
text/plain

143.244.214.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677

Protocol

Server

143.244.214.118 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 112
expires: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 771C 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame D678 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301041800000/ Frame AC54 221 KB
60 KB 419ms
75ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61740
x-xss-protection: 0
server: sffe
etag: "8e9029bac2b10828"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame AC54 15 KB
5 KB 489ms
146ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5230
x-xss-protection: 0
server: sffe
etag: "98e8559bf0300638"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame AC54 94 KB
29 KB 381ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28829
x-xss-protection: 0
server: sffe
etag: "80143a542ab189b2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame AC54 5 KB
2 KB 490ms
147ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "c26873ae23a2dfcc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame AC54 40 KB
13 KB 485ms
142ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "a53f7d5e2894160e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
DATA 200
OK truncated
/ Frame AC54 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfb2cbfab2a99400dde9fbb3840e4f13602cac84ef6852afcb8cb2eab3144539

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301041800000/ Frame 75C4 221 KB
60 KB 433ms
100ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61740
x-xss-protection: 0
server: sffe
etag: "8e9029bac2b10828"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 75C4 15 KB
5 KB 69ms
66ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5230
x-xss-protection: 0
server: sffe
etag: "98e8559bf0300638"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 75C4 94 KB
28 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28829
x-xss-protection: 0
server: sffe
etag: "80143a542ab189b2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 75C4 5 KB
2 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "c26873ae23a2dfcc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 75C4 40 KB
13 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "a53f7d5e2894160e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
DATA 200
OK truncated
/ Frame 75C4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67e4a4b478b5c4566250079c1ae706189d6067615f703a2aec5e0770cd5dd97b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 7318613449904184037
tpc.googlesyndication.com/daca_images/simgad/ Frame AC54 82 KB
82 KB 40ms
39ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7318613449904184037

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a0061b947104e500e4e0227188b745229efc59cf4a29c4478d9ad4db6cefa26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 20:21:15 GMT
x-content-type-options: nosniff
age: 406360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83856
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 14:48:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 Jan 2024 20:21:15 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC54 2 KB
2 KB 41ms
39ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 05:07:54 GMT
x-content-type-options: nosniff
server: cafe
age: 29161
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Jan 2023 05:07:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC54 295 B
319 B 59ms
57ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 09:50:10 GMT
x-content-type-options: nosniff
server: cafe
age: 12225
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Jan 2023 09:50:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AC54 0
0 74ms
71ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJdGeuShXMhiVK5Tlu111leaZCwOp4QkcLAsHPpTmzuUbKXuDTBCVcem9UIeUZPWPuYqyx7TtWcLlNNKCbbzQX3C6mtQ
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AC54 0
0 85ms
83ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6E2ZkpPKY7uaIoGIzQaa76KwCIOohvZt2KyM2t0Q75zV384cEAEg_o6DkAFgleKQgqAHoAGcr_uoAsgBAuACAKgDAcgDCKoE-QFP0CttExaYTsWyy3mUuWL_qtY5dKYgAhyBJ2le0GwSF_3jI_Rtz98EieiGI-lwaGBWc32ot0TtbyUG10Ar6hz7GmO34zeyMezHJ6s7XMkjK_WzSvRB-Ya5Bgegr1kOr2HxVzF1Lh8Q8WXYvISVMTOTwJgDUk2KE2FiNFs-56tRazjMpsvJvJywm-nCoK93ywoD0bIK7XoGcTyuN8Y1yq4LcytQKLefBZd4lQf8gCadaBc7sNn9sy_XG050Y1zet40V8PisP9v8XZ7_XQILHsBJaVjCYYL3QK9ryETDWp5FO-02Lp5P5oRJPfhgw32fxuHIBCMJ8CcmY-XABOiNnq2xBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOD8BtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMO0BUBmBYBgBcBshceChwIABIUcHViLTIyMDk3NTk0NjYyMjEwODkY3cwJ&sigh=9GN02BDDjdc&uach_m=[UACH]&cid=CAQSPADq26N92Q0EoQsrBc4SiJ5wD-wFR9Haqdtb5234xPTpc86bzUFNdk-x5xFBMsNr5ROmtBqUugp06oqR4hgBIBM
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 7318613449904184037
tpc.googlesyndication.com/daca_images/simgad/ Frame 75C4 82 KB
82 KB 59ms
57ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7318613449904184037

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a0061b947104e500e4e0227188b745229efc59cf4a29c4478d9ad4db6cefa26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 20:21:15 GMT
x-content-type-options: nosniff
age: 406360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83856
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 14:48:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 Jan 2024 20:21:15 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 75C4 2 KB
2 KB 72ms
70ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 05:07:54 GMT
x-content-type-options: nosniff
server: cafe
age: 29161
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Jan 2023 05:07:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 75C4 295 B
319 B 76ms
74ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 09:50:10 GMT
x-content-type-options: nosniff
server: cafe
age: 12225
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Jan 2023 09:50:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 75C4 0
0 72ms
71ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4HaAhwlZSYa0qtwMRlOSYrcatdZQwzeopsq01sr7y8t9WKpv8vnuMIqmF0WCYPFd_Kc59fNZgQbf60fnI9vrD5jL_sg
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 75C4 0
0 85ms
83ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaAqDkpPKY7yaIoGIzQaa76KwCIOohvZt2KyM2t0Q75zV384cEAEg_o6DkAFgleKQgqAHoAGcr_uoAsgBAuACAKgDAcgDCKoE_AFP0OXUkICjH_nyaNGfZKXhfFvGzzGUWVIhGwwW0xaAmV67GgEZO3rDEu9rN5abVO86ssNgRYAypX_JRGd32K83LoqqhJKooGv7VwQ1V2daZsoiWqf2L4pN9Hr0QfRWHQwnSCdkv0mTFJMgIOcr8A_sWwL4NMwRDiUkNHtJHX_uoRPpEwv_wFApx_BPYpkfkiX26SconevmLK6V4T89BZnKqHqYA7PxvtzYOjzFeUpB417LtNJRJOkkqX_ZcM9zymtJOUMlenbW8Ks-dWh4xoxhZU66VaQdRonSFNPzFcQXoQEKvL-TRhWGV_HHvMyWcLKOqk7MjDYStwM5kljABOiNnq2xBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJekBtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMO0BUBmBYBgBcBshceChwIABIUcHViLTIyMDk3NTk0NjYyMjEwODkY3cwJ&sigh=P9c5i59JbPo&uach_m=[UACH]&cid=CAQSPADq26N92Q0EoQsrBc4SiJ5wD-wFR9Haqdtb5234xPTpc86bzUFNdk-x5xFBMsNr5ROmtBqUugp06oqR4hgBIBM
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 914C 0
0

GET
H2 200 container.html Show response
c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D93F 6 KB
3 KB 352ms
46ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Sat, 20 Jan 2024 13:13:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A0C 6 KB
3 KB 58ms
48ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:53 GMT
expires: Sat, 20 Jan 2024 13:13:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0B53 81 KB
27 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fa1cd1ead9e7d49e3226830297e4303c8f5cf9ec854afdfd33d2b0782e02fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27773
x-xss-protection: 0
server: sffe
etag: "1457 / 935 of 1000 / last-modified: 1674216530"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 20 Jan 2023 13:13:55 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 6ABB 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=457526820&t=event&_s=6&dl=https%3A%2F%2Fboxofficeindia.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&ec=general&ea=preroll_expired&_u=SACAAUABAAAAACAAI~&jid=&gjid=&cid=461281065.1674220432&tid=UA-0000-00&_gid=1239052769.1674220432&gtm=2ou1i0&z=400966661

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 10:04:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11337
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame 1FEA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://us-east-pbs.automatad.com//setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677
https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677

0
660 B

95ms
95ms

Image
text/plain

143.244.214.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677

Protocol

Server

143.244.214.118 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 112
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4131 0
0 140ms
140ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011101&jk=1312335167255230&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 pubads_impl_2023011101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0B53 383 KB
129 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132552
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 09:35:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Jan 2024 10:49:15 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 0B53 627 B
238 B 91ms
91ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cfb4ba68c6364d110555c9abfc681974fe49026c00783ab09a991be5330eb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:55 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D93F 0
0 88ms
87ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COCcekpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSbAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnh1Yc_5B1Vv0mORfuB019jlKGIB3ke9uac6VMK-mCmES8WqZWTBfgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTIyMDk3NTk0NjYyMjEwODkY3cwJ&sigh=xyUUmbX_zaI&uach_m=[UACH]&cid=CAQSPADq26N92Q0EoQsrBc4SiJ5wD-wFR9Haqdtb5234xPTpc86bzUFNdk-x5xFBMsNr5ROmtBqUugp06oqR4hgBIBM
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D93F 0
0 71ms
21ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j14ypqgbx4w2n7ts5qmfp5xa4t3gbrdc24v7fec9rjs7mnms92pytbje2vf60aphf5frwehpdh25dqctbz8hk7vqqapm0xckcsrxe7xxyvn360ga8xqgrjxete1mk37cr574xqp1asafn2twzqsszwh60sw75bm5sjatjebew81mspx7pq9f4f24vakjmrh3j64g9khyppd27fepcp8qgy1ne0gknxr47bqx5gn9tvgxd2kbahqdy2sgv869qpt7zepasyp2kg3pvbhg9ykrtdczyap18s26t114xz20kv09v637jf1d3ts7j18djwy33zr2ckfyjj4ykyd4t3rd96s8ce4e1k1t8ax3gerz6h2vwdhyqbfayb4ztw6kmnt3pj0&b=Y8qTkgAIjT0K00QBAAi3moi9hnEbc6CQo5iaYA
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 Jan 2023 13:13:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 01C0 2 KB
3 KB 82ms
49ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j8bx3wmyk62zx86a48yh3y3dmma47vc7w26fb52cca10garzpj9910vrw6g56h3h1psrw4pnf33se78y117yxgm4898pz9c9e3bfqf81y119mh7wznhasq233mwcyvv6j6r98pzaymz70zcfhthzdp32mdckfgcszvnymkwdkhzp7ath8x4q0j41v2a6bfq7j8j6xmfjwbjjd073sst9p9e1wy2v6p2e8144r4tc7gc0k69g8ec8aakz7w8xesr53ypetqpaftx50z7dzsbs66vz4vkzy28hcfct7rwgxaqgba9x3j3p2cnm40qxm91g6bd5aj2zbgfbn74a0p6h0qsn5wagq01vn7mg3x6em5pvvnv1j239c27zwrbvf5npx7dsm1f11va5kxk1xbdq8v2xz8kkwnzb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%26client%3Dca-pub-2209759466221089%26adurl%3D

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b82bde8b3f5bbd92f639bfc47738d75086488b89ad0c6a647ea1f5dd1bcfba1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78c811f9ea969962-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:55 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame D93F 3 KB
1 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 09:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 09:21:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F31E 1 KB
643 B 44ms
41ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 12:19:16 GMT
etag: 48472445140208031
expires: Sat, 21 Jan 2023 12:19:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame D93F 18 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:49:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D93F 0
0 70ms
68ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXueYR_Wn0RDVojkt904_w_WDc8KQbDDX6p3TyeKe0L_Ina0Eon_5tsIFG1bDRyMgxqizz7h-9C61SMEaA6_weCDe_FQ
Requested by: Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D93F 24 KB
6 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 08:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Jan 2024 08:20:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D93F 155 KB
47 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:55 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7A0C 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNx2AkpPKY76aIoGIzQaa76KwCMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBJUCT9Ah7lH-EqeL31onCOExMOHxdVMS56yobRxzUzzEvsxSiCmfwMtWasoWXoGDOEq-JfQJJvIOLUH29UydZSfS-IePG47yc93fqFrGXfBpoPIrX_5o5GuiH-1xYjsPTT2LLWvC70A3U5ouqLul5qrqbrt63OAwawR7QYDROEQIrYZp06CgJHdhSqvt0ONRwrC5Zaf1tTCc1MHUGx7ZYuIPnOmQ3hpOPgnB6jksZITSZWCnGq5lj9bDesUb4LpwBGvhy0UtLcd5GG8U6tPFjPYon7ozB0g_nz-EtMlyiNsi4K2wHSCwDTYrrl_XWuKY4FX5UoZ-PV1yRygR13Ukx-4ZPOjg2lRKJqAvIsZRv8xfw-hxNGwBPuAEAYAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjIwOTc1OTQ2NjIyMTA4ORjdzAk&sigh=gopVc444rOQ&uach_m=[UACH]&cid=CAQSPADq26N92Q0EoQsrBc4SiJ5wD-wFR9Haqdtb5234xPTpc86bzUFNdk-x5xFBMsNr5ROmtBqUugp06oqR4hgBIBM
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7A0C 0
0 15ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLKVEMc1rAL6AZ2DYgICAAAAUxd-uSvkPRQQkpPKYyi6oE7JSCu2f6jnABIAAA&wp=Y8qTkgAIjT4K00QBAAi3mnQp_YYhq8uFPu1Whg

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 225093
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 979E 169 KB
53 KB 132ms
125ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y8qTkgAIjT4K00QBAAi3mnQp_YYhq8uFPu1Whg&u=%7CVkjhEcWpcHwXJ%2F9IGcDXcUx38napo9GKUQ6IPLSXB%2BI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZEI8DIpo74891SWiZ6D39lrV3p1JfTM4JZCESYl7v74wV7BWPsaTUWgaVTt-eLYzyAkZFUU1-KX2geg64pVifedBDglgV9-IELcZ8_AyDXoxU_Vl4LFAjUn6j5Og6_TTHH2FYGn02OT6wGRTEz7poVt0F1q7Sn1e2ehTkG8A_vXLwCyLAD957nxYXiqV9pVhzUrCUm272DHCybjDJjUAklgpekBea4wsVpSlcgJKkOXRe69SL71qVQP8Ul6gg_trfeu32dvjfjREtITLkvvzGGv_pkw8STN6IFfHJsuWpKvSQ8MPtMeKUHOmQmdc6CAHtCaFJq-_O4gvqbAu6jvV8TejPxBCAqSZjDadaqMauIifF0YlC_3n51rMOQuryZ7vbQl2LNOWK-J-jLiNPjjPV7Ssfo05p4npl-GkM5Igvci4CxQhzVGmvZPa8-tmptZ5GBrJm56SC_PE8NmNOIgndhxvubwlu6oOOGqtNo9quk5uZgM9caxWiV7do5OsXFzbq3K4Ohb9sJzgDuZsD7LeOFpscDvoRNt5Qm-X8Nwdg8iI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCS8WakpPKY76aIoGIzQaa76KwCMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBJgCT9Ah7lH-EqeL31onCOExMOHxdVMS56yobRxzUzzEvsxSiCmfwMtWasoWXoGDOEq-JfQJJvIOLUH29UydZSfS-IePG47yc93fqFrGXfBpoPIrX_5o5GuiH-1xYjsPTT2LLWvC70A3U5ouqLul5qrqbrt63OAwawR7QYDROEQIrYZp06CgJHdhSqvt0ONRwrC5Zaf1tTCc1MHUGx7ZYuIPnOmQ3hpOPgnB6jksZITSZWCnGq5lj9bDesUb4LpwBGvhy0UtLcd5GG8U6tPFjPYon7ozB0g_nz-EtMlyiNsi4K2wHSCwDTYrrl_XWuKY4FW7UKfsutLuVJeNw9b0-kjhNfzqbF5kPiKb6vv3TXNB7_D0nugSgXzAuuAEAYAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fWTVKV1TcBTNz2X1r7ghDJSrrnA%26client%3Dca-pub-2209759466221089%26adurl%3D

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

59e568c1426e66ca48868b4e68be2adf8646cdde2d29524e6ce47f6eb0307e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=LWHMBeAFKZZIiFqyKq-9BASLx4hM1AYSPCPWIPgK0V0qN5oN1WNqYlq3Wq1rDh1vhDy9v7nL7LniR385AEqemFlQZ0jifjVmeYmxPBwdcvvT1Og_oMiZC9RLXwxJdDpVRFFZPQ8-BrPVqGRcyKbwvoH14acSSdGZ5W-cVUAv8gBiGjzvE2IiSkNixBsCG9CGoFB5rzcslBXfQtQcIA9kp1DHSmUtnhW8WbcIuqSsRi-CFSByueeL8d8Is0QS6VvyWGmJsg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 89023355
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 7A0C 3 KB
1 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 09:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 09:21:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2C51 1 KB
643 B 38ms
35ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 12:19:16 GMT
etag: 48472445140208031
expires: Sat, 21 Jan 2023 12:19:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 7A0C 18 KB
7 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:49:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7A0C 0
0 74ms
69ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ88ISBvWneo_P77_QQq9QXTQwUxrDExT9h13keFzSDEYeENpsP3zgw450Ss-YrFDbICPuYwN1_3a8BIZ_9SSxXop-oMg
Requested by: Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7A0C 24 KB
6 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 08:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Jan 2024 08:20:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A0C 155 KB
47 KB 137ms
134ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:55 GMT

GET
DATA 200
OK truncated
/ Frame D93F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd97769d56085453b6412d32f367a9426bc94b9506961e6158c87f108f443e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 1FEA
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1674220435628
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2351890742

70 B
264 B

32ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2351890742
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
etag: RX27d8741636c94aa089b8b32a79f428b3003
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2351890742
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEcjrR78sX6ruGitiD3hc3k&google_cver=1&google_push=AavPq0NK3a7yi8sU5i8L6Mfkn_nkboIFAQEeceaxAjOh_DmLKOLI1TlaNS...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0NK3a7yi8sU5i8L6Mfkn_nkboIFAQEeceaxAjOh_DmLKOLI1TlaNS6e6Mz18mZvab6bnJjBiaj2uPhn05A2x_z5mV_JXzx2l4IDuzZOeuk_f2CftdqTax_...

170 B
188 B

71ms
71ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0NK3a7yi8sU5i8L6Mfkn_nkboIFAQEeceaxAjOh_DmLKOLI1TlaNS6e6Mz18mZvab6bnJjBiaj2uPhn05A2x_z5mV_JXzx2l4IDuzZOeuk_f2CftdqTax_WeC5vv95ZIVjrvNnNdX7k&google_hm=PCrY4WDLP2An0cgqGseh2w

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0NK3a7yi8sU5i8L6Mfkn_nkboIFAQEeceaxAjOh_DmLKOLI1TlaNS6e6Mz18mZvab6bnJjBiaj2uPhn05A2x_z5mV_JXzx2l4IDuzZOeuk_f2CftdqTax_WeC5vv95ZIVjrvNnNdX7k&google_hm=PCrY4WDLP2An0cgqGseh2w
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAr3Simk4bFzZReNNQ853KA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAr3Simk4bFzZReNNQ853KA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mms1bm9TSzExUGlSZHA1&google_gid=CAESEAr3Simk4bFzZReNNQ853KA&google_cver=1&google_push=AavPq0Oi6s1VtaqSqpY8vPo-xeAy9S4F0FQ-CMG0Xgkg5wH...

170 B
188 B

71ms
71ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mms1bm9TSzExUGlSZHA1&google_gid=CAESEAr3Simk4bFzZReNNQ853KA&google_cver=1&google_push=AavPq0Oi6s1VtaqSqpY8vPo-xeAy9S4F0FQ-CMG0Xgkg5wHYSTD5pdFRmwnEzCXUolzcTAz7uCaaifd8wPbJZsRbsikZ5_d1AcDlGJb-kIfjeuVhuyMnQk1JiQN5QOVkkrV1i5RhzkdL0_II

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:54 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0d2fbe602de210bea@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mms1bm9TSzExUGlSZHA1&google_gid=CAESEAr3Simk4bFzZReNNQ853KA&google_cver=1&google_push=AavPq0Oi6s1VtaqSqpY8vPo-xeAy9S4F0FQ-CMG0Xgkg5wHYSTD5pdFRmwnEzCXUolzcTAz7uCaaifd8wPbJZsRbsikZ5_d1AcDlGJb-kIfjeuVhuyMnQk1JiQN5QOVkkrV1i5RhzkdL0_II
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcVSHqgYWsDOyIjeuTjkJY&google_push=AavPq0PdFjkJrZnlWByaZBxT7HOMwqfNIROf48ASXTnqj6k6xHM0fmicBo...

170 B
188 B

76ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcVSHqgYWsDOyIjeuTjkJY&google_push=AavPq0PdFjkJrZnlWByaZBxT7HOMwqfNIROf48ASXTnqj6k6xHM0fmicBo8uHoXIfe4Q_cUGEL7kRNQiuNVuoyMUY5MMwcD7oGT_TSGhqdOddqIY82B07cMa9eie7wO4WMuiuHB5SCJa9Ufs

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220044-HHN
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674220436.625590,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcVSHqgYWsDOyIjeuTjkJY&google_push=AavPq0PdFjkJrZnlWByaZBxT7HOMwqfNIROf48ASXTnqj6k6xHM0fmicBo8uHoXIfe4Q_cUGEL7kRNQiuNVuoyMUY5MMwcD7oGT_TSGhqdOddqIY82B07cMa9eie7wO4WMuiuHB5SCJa9Ufs
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F31E 70 B
264 B 53ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJiwFo1QqzvIJe1tEyN69Bk&google_cver=1&google_push=AavPq0MO_fgXO0q6ePx7PTr_tpfyKb50XpiMcpEdYn40YTVXHGjwzpKcSAEQ0kRP47pCyLoL8V3PhseYm5y4zjuw1mCxlqwsOck31NKTzpqiuBPudlbCWCuouz8IdqVZwT49LKWIdUkNJZrc
Requested by: Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yDPUS57nR-uzNac3jDtAdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

74ms
73ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yDPUS57nR-uzNac3jDtAdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0O64kBVk_aunqnnbe3XA50SDfhodFMcxIRFD5Wc5G_g7EPYqzkR0JrzOd1DPMhfEBVd6oNJx4jP8A8TBglvbkN-nZAbrji5um8YktZq6UmXWz0i5k9o4szpRtqbDqobBEdkvBsIPN8

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yDPUS57nR-uzNac3jDtAdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0O64kBVk_aunqnnbe3XA50SDfhodFMcxIRFD5Wc5G_g7EPYqzkR0JrzOd1DPMhfEBVd6oNJx4jP8A8TBglvbkN-nZAbrji5um8YktZq6UmXWz0i5k9o4szpRtqbDqobBEdkvBsIPN8
date: Fri, 20 Jan 2023 13:13:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJmPNkr1cnIRu_9tMX7QTFo&google_cver=1&google_push=AavPq0NdjbAQ26yT1es_xaYBNPpxedR7KbQEXH8jRnCwgfa0nKeNrv-cItXJ-8zOrAZAY87HI09DIoq5jpSl0EKm...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NdjbAQ26yT1es_xaYBNPpxedR7KbQEXH8jRnCwgfa0nKeNrv-cItXJ-8zOrAZAY87HI09DIoq5jpSl0EKmlwGzQbOlp8zHIri_Ii8k7_nFKOpWxERxuo8gdjJ6jYdp...

170 B
188 B

71ms
70ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NdjbAQ26yT1es_xaYBNPpxedR7KbQEXH8jRnCwgfa0nKeNrv-cItXJ-8zOrAZAY87HI09DIoq5jpSl0EKmlwGzQbOlp8zHIri_Ii8k7_nFKOpWxERxuo8gdjJ6jYdpGU11bSmTo3iL

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 20 Jan 2023 13:13:55 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NdjbAQ26yT1es_xaYBNPpxedR7KbQEXH8jRnCwgfa0nKeNrv-cItXJ-8zOrAZAY87HI09DIoq5jpSl0EKmlwGzQbOlp8zHIri_Ii8k7_nFKOpWxERxuo8gdjJ6jYdpGU11bSmTo3iL
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: sbsATRJGy6CR5stCieNkiNnanIZwjJF-6rBNLHP_reps2_oRJw0fFg==

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame F31E 0
45 B 129ms
17ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOcIXAJHzL4TdBwLOB-2ugE&google_cver=1&google_push=AavPq0OL-mPjXvuSGpWD9WE-WA2zRfXBPvupSyIprVG_tWxjW9C9R4sBC0LJElTYy_nCCqxxfx6FbgIdUatfxv37EatNLUGR5cLMAzefTm4HBUxRvnZfOiWPf1WxD-LS2t1gD28qC2Ip3BN7
Requested by: Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F31E 0
50 B 72ms
68ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-13zA7oYPRXoIe5_j6Ov0k6SkD8Ngt21J6uFEwu3KXHKMe-EzGSY074GXytahVE0yi_RR

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 01C0 90 KB
11 KB 32ms
23ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j8bx3wmyk62zx86a48yh3y3dmma47vc7w26fb52cca10garzpj9910vrw6g56h3h1psrw4pnf33se78y117yxgm4898pz9c9e3bfqf81y119mh7wznhasq233mwcyvv6j6r98pzaymz70zcfhthzdp32mdckfgcszvnymkwdkhzp7ath8x4q0j41v2a6bfq7j8j6xmfjwbjjd073sst9p9e1wy2v6p2e8144r4tc7gc0k69g8ec8aakz7w8xesr53ypetqpaftx50z7dzsbs66vz4vkzy28hcfct7rwgxaqgba9x3j3p2cnm40qxm91g6bd5aj2zbgfbn74a0p6h0qsn5wagq01vn7mg3x6em5pvvnv1j239c27zwrbvf5npx7dsm1f11va5kxk1xbdq8v2xz8kkwnzb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%26client%3Dca-pub-2209759466221089%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j8bx3wmyk62zx86a48yh3y3dmma47vc7w26fb52cca10garzpj9910vrw6g56h3h1psrw4pnf33se78y117yxgm4898pz9c9e3bfqf81y119mh7wznhasq233mwcyvv6j6r98pzaymz70zcfhthzdp32mdckfgcszvnymkwdkhzp7ath8x4q0j41v2a6bfq7j8j6xmfjwbjjd073sst9p9e1wy2v6p2e8144r4tc7gc0k69g8ec8aakz7w8xesr53ypetqpaftx50z7dzsbs66vz4vkzy28hcfct7rwgxaqgba9x3j3p2cnm40qxm91g6bd5aj2zbgfbn74a0p6h0qsn5wagq01vn7mg3x6em5pvvnv1j239c27zwrbvf5npx7dsm1f11va5kxk1xbdq8v2xz8kkwnzb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%26client%3Dca-pub-2209759466221089%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 165588
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7yo6shsPzuBN6nfPoKbtK0EAEhB8ojfbDhxPOXJWjgFawEjGJMXkoc%2BGCPKyNNCmFC2Y1nTguIaGFcy4m5gOPK84N5menm3%2FxIZPG3EauYDnJYlGHNltUODUliKLXtDwjqMiWaoVNY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78c811faac039962-FRA
expires: Fri, 20 Jan 2023 14:13:55 GMT

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 01C0 35 KB
12 KB 36ms
22ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j8bx3wmyk62zx86a48yh3y3dmma47vc7w26fb52cca10garzpj9910vrw6g56h3h1psrw4pnf33se78y117yxgm4898pz9c9e3bfqf81y119mh7wznhasq233mwcyvv6j6r98pzaymz70zcfhthzdp32mdckfgcszvnymkwdkhzp7ath8x4q0j41v2a6bfq7j8j6xmfjwbjjd073sst9p9e1wy2v6p2e8144r4tc7gc0k69g8ec8aakz7w8xesr53ypetqpaftx50z7dzsbs66vz4vkzy28hcfct7rwgxaqgba9x3j3p2cnm40qxm91g6bd5aj2zbgfbn74a0p6h0qsn5wagq01vn7mg3x6em5pvvnv1j239c27zwrbvf5npx7dsm1f11va5kxk1xbdq8v2xz8kkwnzb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%26client%3Dca-pub-2209759466221089%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78e99d887a74e2a58d9264a0a15b2953f5ecb5b70838cbaab5a3869a76f8c706

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 252557
etag: W/"6080661f69dc3db9c889ba58b02808d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFHBUMi8IZ850cNYoBs0%2BzJw4F%2F8i%2FVCMxAwDb3b2NDkBAG2JYfN%2FKGK7%2BPOUYmo2GpbBxz4bl42%2FKOBarae%2BtGIsONbUtzU4lc7Q%2B0PiRINmVhnfpo%2BkVeX7r%2B%2FijGvu49AQ1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78c811fabc119962-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 17 Jan 2023 15:04:38 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0B53 107 B
122 B 58ms
57ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0B53 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0B53 20 KB
9 KB 396ms
395ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3478000997613274&correlator=4478452816996121&eid=31071523%2C31070232&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=229445249%3A1067277%2CDWTag-DFPNew_RS75_Boxofficeindia_DWV_300x250_180321&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=210909084&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Da933d67a1d159c4c%3AT%3D1674220432%3AS%3DALNI_MaykqGtoMb-Emty8EET0yvaZ_73mQ&gpic=UID%3D00000bc71b5338d7%3AT%3D1674220432%3ART%3D1674220432%3AS%3DALNI_MYz8W9y1s997GbKJ1c1AYgkt-L8Ug&abxe=1&dt=1674220435625&dlt=1674220433716&idt=1892&adxs=980&adys=253&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=1aj4a84rzbyw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fboxofficeindia.com%2F&top=boxofficeindia.com&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=461281065.1674220432&ga_sid=1674220436&ga_hid=323696411&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpODB-twwSABSAghkEhkKCnB1YmNpZC5vcmcYtePB-twwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKTgwfrcMEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lXR1p3TmtOUWVtSlJOR2xFVVUwelpWUXpkVzAzZHowOUluMD0Y1-jB-twwSAASGQoKdWlkYXBpLmNvbRik4MH63DBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfmwfrcMEgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1a885b8646df6c2cfeecc707a28e29072dc80de25d95d11068ee14b7b71976b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
google-lineitem-id: 5990130883
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138388911453
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
93f36cf275c6e8455ca665027ed16421.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FEF9 6 KB
3 KB 97ms
80ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93f36cf275c6e8455ca665027ed16421.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:55 GMT
expires: Sat, 20 Jan 2024 13:13:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C51
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEcjrR78sX6ruGitiD3hc3k&google_cver=1&google_push=AavPq0O2tJiZdNZa82_FTsTdViGG7KwcjYAGmTNlojcyd73ODBwHGldS32...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0O2tJiZdNZa82_FTsTdViGG7KwcjYAGmTNlojcyd73ODBwHGldS32PPa-IRWoQRGpO1Ah8K_y_4GHrd-5Gi7x2jE5b9gIIjASUzWGsVRQAQaZu1Oao49qH...

170 B
188 B

81ms
81ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0O2tJiZdNZa82_FTsTdViGG7KwcjYAGmTNlojcyd73ODBwHGldS32PPa-IRWoQRGpO1Ah8K_y_4GHrd-5Gi7x2jE5b9gIIjASUzWGsVRQAQaZu1Oao49qHzIUH0FVN2vjnQHodpV84&google_hm=PCrY4WDLP2An0cgqGseh2w

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0O2tJiZdNZa82_FTsTdViGG7KwcjYAGmTNlojcyd73ODBwHGldS32PPa-IRWoQRGpO1Ah8K_y_4GHrd-5Gi7x2jE5b9gIIjASUzWGsVRQAQaZu1Oao49qHzIUH0FVN2vjnQHodpV84&google_hm=PCrY4WDLP2An0cgqGseh2w
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2C51 70 B
264 B 34ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJiwFo1QqzvIJe1tEyN69Bk&google_cver=1&google_push=AavPq0Mzc_FXnaDvQv010GKEJVQexdNJTaXs3wVklagMAlJSspy3i1jt3eK0lENOVYEdKq28NF5UPxB6bZywdDt476z5aA4dmMY6uc4bIntpparXTELp94sl4fbKla_XVi0j996XVG1BJiU2
Requested by: Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C51
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELa0cPxAH0-1Ln8j9-0-UoI&google_cver=1&google_push=AavPq0PLxEo09qlkqHdMDrmAGtLrp7qvWWxyKCOg36W-oLcR7B4PfZ-Pv9mNVFqaIgzD0ATZGPJXW82kpuU24qq8HnIKVFH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PLxEo09qlkqHdMDrmAGtLrp7qvWWxyKCOg36W-oLcR7B4PfZ-Pv9mNVFqaIgzD0ATZGPJXW82kpuU24qq8HnIKVFHIQwEM39v-nA6RiwZf75bn_1nqiHfLRfXqXBFMt...

170 B
188 B

76ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PLxEo09qlkqHdMDrmAGtLrp7qvWWxyKCOg36W-oLcR7B4PfZ-Pv9mNVFqaIgzD0ATZGPJXW82kpuU24qq8HnIKVFHIQwEM39v-nA6RiwZf75bn_1nqiHfLRfXqXBFMtLqtEj4VWQ3f&google_hm=eS1XM2doZldoRTJwRUNfTW8yVlRZdjAzMFBqam1kUS5MU35B

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PLxEo09qlkqHdMDrmAGtLrp7qvWWxyKCOg36W-oLcR7B4PfZ-Pv9mNVFqaIgzD0ATZGPJXW82kpuU24qq8HnIKVFHIQwEM39v-nA6RiwZf75bn_1nqiHfLRfXqXBFMtLqtEj4VWQ3f&google_hm=eS1XM2doZldoRTJwRUNfTW8yVlRZdjAzMFBqam1kUS5MU35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C51
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEIWSVpQTsWsIISnFjoTT1b8&google_cver=1&google_push=AavPq0ORU6nVgag4RtXYHtusvZcBKHMqLwhlQPFEzAUXq2BZdcqCuKvk_ujS01is4DxKFG0a4AuXE_trHUcw8yvAP-IW8zl...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0ORU6nVgag4RtXYHtusvZcBKHMqLwhlQPFEzAUXq2BZdcqCuKvk_ujS01is4DxKFG0a4AuXE_trHUcw8yvAP-IW8zl1ioZHyXp...

170 B
188 B

81ms
80ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0ORU6nVgag4RtXYHtusvZcBKHMqLwhlQPFEzAUXq2BZdcqCuKvk_ujS01is4DxKFG0a4AuXE_trHUcw8yvAP-IW8zl1ioZHyXpF-5tM1yIJJ1YE4att46cV7BnlaFwN2ZxebqZ5BuY

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0ORU6nVgag4RtXYHtusvZcBKHMqLwhlQPFEzAUXq2BZdcqCuKvk_ujS01is4DxKFG0a4AuXE_trHUcw8yvAP-IW8zl1ioZHyXpF-5tM1yIJJ1YE4att46cV7BnlaFwN2ZxebqZ5BuY
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C51
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOJBhkneEUepTI5Su2ySZxM&google_cver=1&google_push=AavPq0NAhZZSvWU68cy-UtJVStGunSj3Z5gb2SIC3pAJAllZ3ypHULz9IRp9iiG08bBBm4p7V0vDpYlan-KW...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NAhZZSvWU68cy-UtJVStGunSj3Z5gb2SIC3pAJAllZ3ypHULz9IRp9iiG08bBBm4p7V0vDpYlan-KWtZEShnvhsA98ZtYUesjSCEyyJVUOzPh-KnVN...

170 B
188 B

98ms
97ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NAhZZSvWU68cy-UtJVStGunSj3Z5gb2SIC3pAJAllZ3ypHULz9IRp9iiG08bBBm4p7V0vDpYlan-KWtZEShnvhsA98ZtYUesjSCEyyJVUOzPh-KnVN4tyv-BdiNHiPEfSwoA88oxc3

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NAhZZSvWU68cy-UtJVStGunSj3Z5gb2SIC3pAJAllZ3ypHULz9IRp9iiG08bBBm4p7V0vDpYlan-KWtZEShnvhsA98ZtYUesjSCEyyJVUOzPh-KnVN4tyv-BdiNHiPEfSwoA88oxc3
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C51
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED1zxF5t8umiILxhrCxZVh4&google_cver=1&google_push=AavPq0PeTfN_7m5wJQ1oHuDHNNdYzvQm0HO_zWa_d6_0oDTF4Jc-ajrto-y5J3tHY14zv4pTRbg5ydgx53PzXLLAucjtHPpdmF...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PeTfN_7m5wJQ1oHuDHNNdYzvQm0HO_zWa_d6_0oDTF4Jc-ajrto-y5J3tHY14zv4pTRbg5ydgx53PzXLLAucjtHPpdmFE...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgyODk2MTExNzY1NjI4MzQ0ODk0Mg%3D%3D&google_push=AavPq0PeTfN_7m5wJQ1oHuDHNNdYzvQm0HO_zWa_d6_0oDTF4Jc-ajrt...

170 B
188 B

71ms
70ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgyODk2MTExNzY1NjI4MzQ0ODk0Mg%3D%3D&google_push=AavPq0PeTfN_7m5wJQ1oHuDHNNdYzvQm0HO_zWa_d6_0oDTF4Jc-ajrto-y5J3tHY14zv4pTRbg5ydgx53PzXLLAucjtHPpdmFEJOHagAtFC3VkRsqVbJdRbDMa2BRjsi5eqHspiphczxyA

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgyODk2MTExNzY1NjI4MzQ0ODk0Mg%3D%3D&google_push=AavPq0PeTfN_7m5wJQ1oHuDHNNdYzvQm0HO_zWa_d6_0oDTF4Jc-ajrto-y5J3tHY14zv4pTRbg5ydgx53PzXLLAucjtHPpdmFEJOHagAtFC3VkRsqVbJdRbDMa2BRjsi5eqHspiphczxyA
date: Fri, 20 Jan 2023 13:13:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C51
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEI7JZq58ocj9mRKAQBMzuIM&google_cver=1&google_push=AavPq0O62gL3cNwRZ8TReI9niD-bpdcAZDoxU6ERifbcb9beufOiwTeNg3M927IiD5fVDlhHpp...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEI7JZq58ocj9mRKAQBMzuIM&google_cver=1&google_push=AavPq0O62gL3cNwRZ8TReI9niD-bpdcAZDoxU6ERifbcb9beufOiwTeNg3M927IiD5fVDlhHpp...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xVnIwbDNKRTJ1R2JpVmZZZmVvUnFzUFJiX2M5TFdyZH5B&google_push=AavPq0O62gL3cNwRZ8TReI9niD-bpdcAZDoxU6ERifbcb9beufOiwTeNg...

170 B
188 B

71ms
71ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xVnIwbDNKRTJ1R2JpVmZZZmVvUnFzUFJiX2M5TFdyZH5B&google_push=AavPq0O62gL3cNwRZ8TReI9niD-bpdcAZDoxU6ERifbcb9beufOiwTeNg3M927IiD5fVDlhHppBbi8y3F8SXYhCPodxJwwenpQXzDszynO5EWMnFdLCFzqwaXLl3e-g85hbwj-XB6c8T4Z5zXQ

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1xVnIwbDNKRTJ1R2JpVmZZZmVvUnFzUFJiX2M5TFdyZH5B&google_push=AavPq0O62gL3cNwRZ8TReI9niD-bpdcAZDoxU6ERifbcb9beufOiwTeNg3M927IiD5fVDlhHppBbi8y3F8SXYhCPodxJwwenpQXzDszynO5EWMnFdLCFzqwaXLl3e-g85hbwj-XB6c8T4Z5zXQ
date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2C51 0
49 B 68ms
67ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lbr_Glfzt0HfEWhYhWwtXhmERrtTJ_qPQJLA_7hxjs2wZ7JDkRziNe0zaaSr8TuDT_92Kjpg

Requested by

Host: c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com
URL: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 0945 0
260 B 66ms
15ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame AC54
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

182ms
176ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H2
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 Jan 2023 13:13:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 979E 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y8qTkgAIjT4K00QBAAi3mnQp_YYhq8uFPu1Whg&u=%7CVkjhEcWpcHwXJ%2F9IGcDXcUx38napo9GKUQ6IPLSXB%2BI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZEI8DIpo74891SWiZ6D39lrV3p1JfTM4JZCESYl7v74wV7BWPsaTUWgaVTt-eLYzyAkZFUU1-KX2geg64pVifedBDglgV9-IELcZ8_AyDXoxU_Vl4LFAjUn6j5Og6_TTHH2FYGn02OT6wGRTEz7poVt0F1q7Sn1e2ehTkG8A_vXLwCyLAD957nxYXiqV9pVhzUrCUm272DHCybjDJjUAklgpekBea4wsVpSlcgJKkOXRe69SL71qVQP8Ul6gg_trfeu32dvjfjREtITLkvvzGGv_pkw8STN6IFfHJsuWpKvSQ8MPtMeKUHOmQmdc6CAHtCaFJq-_O4gvqbAu6jvV8TejPxBCAqSZjDadaqMauIifF0YlC_3n51rMOQuryZ7vbQl2LNOWK-J-jLiNPjjPV7Ssfo05p4npl-GkM5Igvci4CxQhzVGmvZPa8-tmptZ5GBrJm56SC_PE8NmNOIgndhxvubwlu6oOOGqtNo9quk5uZgM9caxWiV7do5OsXFzbq3K4Ohb9sJzgDuZsD7LeOFpscDvoRNt5Qm-X8Nwdg8iI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCS8WakpPKY76aIoGIzQaa76KwCMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjIwOTc1OTQ2NjIyMTA4OcgBCakCUepBnQ0xsj7gAgCoAwGqBJgCT9Ah7lH-EqeL31onCOExMOHxdVMS56yobRxzUzzEvsxSiCmfwMtWasoWXoGDOEq-JfQJJvIOLUH29UydZSfS-IePG47yc93fqFrGXfBpoPIrX_5o5GuiH-1xYjsPTT2LLWvC70A3U5ouqLul5qrqbrt63OAwawR7QYDROEQIrYZp06CgJHdhSqvt0ONRwrC5Zaf1tTCc1MHUGx7ZYuIPnOmQ3hpOPgnB6jksZITSZWCnGq5lj9bDesUb4LpwBGvhy0UtLcd5GG8U6tPFjPYon7ozB0g_nz-EtMlyiNsi4K2wHSCwDTYrrl_XWuKY4FW7UKfsutLuVJeNw9b0-kjhNfzqbF5kPiKb6vv3TXNB7_D0nugSgXzAuuAEAYAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fWTVKV1TcBTNz2X1r7ghDJSrrnA%26client%3Dca-pub-2209759466221089%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 979E 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 979E 308 B
636 B 19ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 979E 293 B
621 B 17ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 979E 43 B
347 B 20ms
20ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=f9qo6onIsWVZ8cvIipgUU9wqMAQcVREbnnUxB2EwaPJMdIPOzOyH-H_dqA-iDzXFr_YdTxvZMr6ssrFJiP22qUxRGIn4HkKbHeFVgM0L6hjtSPh0FppOvgilnazqn0vVJLokNubm_ABGFjLHmiIoq5AJgpCdxegYAqkatrr4osO-twGZeflbpEU6ni-AG5ItXgxFfK7qfRlUOBTi6uzQtxSeb1mD7bVJKmpwJm5lVxI1DuA1VqeHQ937Dp487DOvPLVQtE7Kcizyz2Jd_hoDbRcekbqmhTndCowLW40iO7NnlMs0BO91pJp108WOXwuWAAlljTIsCVabl902GF-IeQ1H2-LXJLsueLfB3JzcU-Rvq6S5C-F3QvbY7r_9NF0ikrsV08a-nbNXZ4iP5phKeEgHKhqP4wHf_RJwk6OWAoaIYcfr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4442123
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 979E 43 B
1 KB 51ms
19ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=63ca939341b4f2b61aab6ee6636d185a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 20 Jan 2023 13:13:54 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 20 Jan 2023 01:13:55 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ads.eu.criteo.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1051
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6ABB 42 B
64 B 147ms
147ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBp_57rVtpqa90DLh4G9-bDEeKqPhIGCar5CrA1AuwTlRM8pMX2L9SAi0r2-XtY0UL1fRNNhC-9I2cFm2hZ_LI5GJjSeS9yaLpfXmrC_mXeSV0zLy5&sig=Cg0ArKJSzBolawjBvNl1EAE&id=lidar2&mcvt=1114&p=253,980,503,1280&mtos=1114,1114,1114,1114,1114&tos=1114,0,0,0,0&v=20230118&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3949431089&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674220433284&rpt=1307&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7A0C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84ae50ec2d7486991db81cd225195216be3d73cfc1fdc5920b40e2e729bcecc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 75C4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

174ms
174ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H2
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 Jan 2023 13:13:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 979E 2 KB
854 B 16ms
14ms Stylesheet
text/css 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e0-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H2 200 sourcesanspro-700.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 979E 2 KB
854 B 21ms
20ms Stylesheet
text/css 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:06 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e2-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 979E 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 979E 14 KB
14 KB 17ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

fe30b0eb242d447979902ed77ec663d5fe6c39688b11b3c0ab3812c4f854dea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=7145923
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13908
expires: Thu, 13 Apr 2023 06:12:39 GMT

GET
H2 200 81943893d3ed4c44b633d518900edfa0_cpn_300x250_1.jpeg
static.criteo.net/design/dt/8721/221221/ Frame 979E 3 KB
3 KB 22ms
20ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/8721/221221/81943893d3ed4c44b633d518900edfa0_cpn_300x250_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1d1de35de1f5b58c6bcd6e2e85e5aa09b295195c3072354818bdac0daaf9d963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 21 Dec 2022 16:33:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a33540-bf8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 3064
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H2 200 842522691a4241f79d4013fbd6643565_cpn_300x250_2.jpeg
static.criteo.net/design/dt/8721/221221/ Frame 979E 8 KB
8 KB 20ms
18ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/8721/221221/842522691a4241f79d4013fbd6643565_cpn_300x250_2.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

303d28ad72ef0b15cae00c64f48311569bfc2bd16cd07636686a80533d9bd0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 21 Dec 2022 16:33:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a33540-1e95"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7829
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 979E 12 KB
12 KB 18ms
16ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=8721&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=596&s=ZNC5qCXzXzLlL0VvsaFJNhs4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f37f0d081e4853168ab6a3c677d87eb30311630d8f13df5f051cfb92218d25fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28900321
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12330
expires: Thu, 21 Dec 2023 01:05:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 979E 15 KB
15 KB 19ms
18ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F7%2F100133162017000_0_1658162528573.jpg&v=3&w=400&s=fdhZ92CHAsJ18tHxyCgJVsIG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

78628b0e639f38f5d609c33f3ec87498dc27834d57d0bb87e3ca690e691efe01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=5855842
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15262
expires: Wed, 29 Mar 2023 07:51:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 979E 11 KB
11 KB 18ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F9%2F100133434016000_0_1663601315729.jpg&v=3&w=400&s=sA778V4vZEXXtT2UJUVdWgyw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d53d08fe3c64ef2feaa38b1676eb5ed01768b7d51cfc33aaa82700cde4acd5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6619811
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11006
expires: Fri, 07 Apr 2023 04:04:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 979E 4 KB
4 KB 25ms
24ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F7%2F100129629916001_0_1659032506810.jpg&v=3&w=400&s=c9Rbm0CBNDH1rczlCmB-nXtm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4a797dbbb0bc3d67ad80a1469d90589c56eb38edc5dd802c669b977641e52429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6511867
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3704
expires: Wed, 05 Apr 2023 22:05:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 979E 14 KB
14 KB 25ms
24ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F9%2F100136695118000_0_1662715583795.jpg&v=3&w=400&s=zvz4z4HEUOmL3047nDcTyszD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cb5d751086e15d94c101c34d998b763ece3b1e4f7afa0d3fef886f1b7ba6daf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6128106
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14172
expires: Sat, 01 Apr 2023 11:29:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 979E 11 KB
12 KB 24ms
23ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F9%2F100138623519000_0_1664442266194.jpg&v=3&w=400&s=avLMFFZY6GhgfX-ovzwAxGe4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f8e5c367ee6ddc7f277556cb89dde0a293d0b7ae306ce09131951e3ad7698495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6732767
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11516
expires: Sat, 08 Apr 2023 11:26:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 979E 0
127 B 17ms
17ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=LWHMBeAFKZZIiFqyKq-9BASLx4hM1AYSPCPWIPgK0V0qN5oN1WNqYlq3Wq1rDh1vhDy9v7nL7LniR385AEqemFlQZ0jifjVmeYmxPBwdcvvT1Og_oMiZC9RLXwxJdDpVRFFZPQ8-BrPVqGRcyKbwvoH14acSSdGZ5W-cVUAv8gBiGjzvE2IiSkNixBsCG9CGoFB5rzcslBXfQtQcIA9kp1DHSmUtnhW8WbcIuqSsRi-CFSByueeL8d8Is0QS6VvyWGmJsg&sds=2&rev=84230&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 979E 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 979E 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 143ms
142ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011101&jk=1312335167255230&bg=!dHeldzPNAAYDMoyoIzI7ACkAdvg8Wri-SZX7r2EGMO6Y227fiEIbXbM8nW1U2-tpe-_kTVcgQqJ4qQIAAABkUgAAAANoAQcKAPOTFK7MkSI4ZZof97SyPp-v59yQo92DCJcdMElvqiezAkqPVshTPbGCjM3VMgLWyIBZqtF1uCPeKPGoJaA3z5MJvVWrZ3SD3AQXpyJYTB34oQOZ8NKIlyHavun75FAeYJ2eWub8KcIp1p3A5rwQ-Om0E6obDCioiAGzKLMpIZpet86MlBN73wo5bz_xBTCh-P6MyVXHkc6bwSieFND1ftpnt5xU5W24QBLSos5134sre_cYmlnb3IszWWhMLYOPTehSwpm-x-Bf0PYLg71Ad1nLvyLHn9lJ702jKGJMBPxS2RhcFX2xfto32sNPTpuceqZ2cNyZAqex_AgihfJErs1eSq2bByxjdeAu4gQ1jcWCCFFDpA827EZbjc9QxbVQdHE4zvZ71iUcYM2gmT8f-PEunlr7pNM8iThhWHxJjE3yQfl5McfCPtWczAjD7RZpsaDxM43MSRe-s8rXpCqEkFk4e_B_FxWpvZQfDIJAQ6LADj-_9FP8e1ArsWqY1-By8cBG6efdDLmZ7RU9Pd3jTBh7arR3CPQ0bquQhzwp_YcBSBltEaELo0DoflZmJlFX42QO7rxtw8KdnUGJaIzquSAATqzxxDswz8yNWlpmQO8zX2LtM2qeivQOKdPYoYPtwtholnL31oDfOzRkAlaYPgTlhFMNtPhYUHKjNdl5DOYcdQZJCmylgBBma-j1ul75iZbsfeRi8v1UWLxAj0OUfWKvcA3L57w6VNibUc6vRGIVQmw-qfgwfLuTiHhEUtZ3TImqRDa4_lh7wNvPHRdOuYm8yIVl3auhbqchWWgtvKkXsA6zlHlC3C3DVypHYxxyZ8j2aZTIiHLX8wy_zdlPbTMThhRacEMJkuMS8IQxFivycP0XyKDJ4uRDHqU4d-7FAcMbSbOrvah90CnEvFo_ugiZ8O3k7MATdXFY8fjCAx9X3PiKV0NIfD-VEH5wJPvmEm_jMzp5b9xxwarpvRCDgwi_xBtxlrZ4YQt25hqYe3xtOk6REQTwwdn5rOL23Qw_zMP6txs2-mt6sLLp08GP_BSKCWOjcTl44QvKWrqmO1xuUKlA7yuJZUcktzJm31ujSGROHHBmoePiilhgieTeE7ry0j0i0_XF3J8L2nwupqA7RfoHn7RyvqjW3MlY4uF4IcFvwv2iQGgac7MIACgtCR3mq_VX9sDLR_6VEQzWEC3Y0vU5L520w2aPQoF78cS0Wc3N6V2AceTvEEf4qAHJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 01C0 3 KB
4 KB 56ms
19ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31124717
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FrRmYzaEwVptzhtYG8CggcH90gFlUTGFwpTNL8jVBgItEpETBY5hunks65si5J1MYepS7guhYd474UgXFr%2B5z3XAictDvPOlBZ1cfA3VXQ5ro9blZ%2Fy%2FAKgv3uiACaSvF8OvPq12jx7mXjHS3HRhm60"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78c811fced009960-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame 1FEA
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%25%25VGUID%25%25
https://us-east-pbs.automatad.com//setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=Y5kP5YTBu5Vt&ev=1&pid=561205
https://us-east-pbs.automatad.com/setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=Y5kP5YTBu5Vt&ev=1&pid=561205

0
661 B

97ms
96ms

Image
text/plain

143.244.214.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=Y5kP5YTBu5Vt&ev=1&pid=561205

Protocol

Server

143.244.214.118 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=Y5kP5YTBu5Vt&ev=1&pid=561205
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 134
expires: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame E7DD 2 KB
1 KB 25ms
25ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2438832
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78c811fd093b2bde-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 13:13:56 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsqlapZvtFU3GRfTcDu1nyDRIJb%2FwDRDHnITBl0tOFX0GR0Ug3XoIdLuRpiGNWgWBeLIOLWZATxeob6EAzmBCw6y9IYb38stIUI7IEY4ET1DgMxsIQLbrEZj1Xx%2Fe8dqzEtURLA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 979E 13 KB
13 KB 18ms
17ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1df-32ec"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:56 GMT

GET
H2 200 sourcesanspro-700-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 979E 13 KB
13 KB 21ms
21ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e1-327c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Jan 2024 13:13:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8BD7 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqcwY-r6f_EQThRwHrL05AjgbtedmgvFA3PfbDKP1Hep80oSmnwib7AdIQ2ClgJzY_SYus33j9JTIOsJ9IqMsQgfHTYWj2diFMkQrIYOaRHD6nchmx2MoB5cRknAJ1iNRY4QQXWcFzi4SfuRJjW1oG3MZ8kTrob6i-CIaVzhC-8v_jckKsKyt6vlyUNLhvCccZDN2ljk1-sVsjyIUoJEZ1tG0mCvfSVntFaoKKEVMn_2u8V7zSVnblcRf9pQb3maeSasP9r1XHnh8GXZ6ttbBcNNDi3OXK0g53ZqMqIj-t4XXLF07efxF_j9yJmVAVCHdWO26Oalf3NEWr203YLSnUvyL2TPMpDshNXIq3BF5dMo7Qxidqu2jUvE-LYfsEZQ&sai=AMfl-YQKG6uASo8qk8DgXNInIHUFDRkhiFOTedPmfefKT92LITkZ9vouBVezRz3mx0r0t-AnkMCL4sqeywsLs3IYwZXpZOKbehj9y-bOf6xTxfjPs16-o9c_d5GVA8WS1UnhEw&sig=Cg0ArKJSzMdrzXa819r6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 t.js Show response
fantoly.com/ Frame 8BD7 55 KB
16 KB 54ms
8ms Script
application/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b18a1b380949bcb3167ac8e9023fa146b000aaeef1a3e7d0e473c0eb26130f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: d9TUuNfK07FAhZMLfVt8QhlIP0dGzjFx
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
date: Fri, 20 Jan 2023 11:59:29 GMT
last-modified: Tue, 17 Jan 2023 11:58:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4482
etag: W/"40b4331e9e2a1d8b2f52cc188cd1855e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: D0gQe5j8PPbj8fhWYCbu_aThtjORGocoyH4mmr4q9M9X6TA0WPzcrQ==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8BD7 155 KB
47 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:56 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 01C0 2 KB
2 KB 44ms
43ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e896c3e56a0bf23e203daa42b711ed120528dbaea14d94ccaa87c4014c4dda3e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWADw13NZcFapUDlS0zYicXBmhRHzY3nTJQDc10CuiYAfMvVWLeiMHXZsEc10lKu54K8%2Bw%2BA%2BePlEHqAKHnGzSmE%2BcUHvOaRTotf3zrqPqQJodlil9HFjlEm1AbDfHwhIUvXcMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78c811fdff649b63-FRA
x-backend-server: aa-reachservice-group-europe-west1-gxt5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 56ms
39ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78c811fdbef29b63-FRA
content-length: 24
content-type: text/plain
date: Fri, 20 Jan 2023 13:13:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIS1hZSVA2sa0My2wi1tZsZpBRx0QxBvVGN7nPgDJt89dcTGs2lWWSC6jzvvqTzxSW2NcMrV8OgaXEEmFzZxbNLcQJqTvekH7uaMNNKMUQ6%2BUqVf2tLMtkh%2BHdHhApd0SYkAi%2FA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gxt5

GET
H2 200 ivlloi69yiz903e8suz0m.json Show response
fantoly.com/c/ Frame 8BD7 2 KB
2 KB 38ms
22ms Fetch
application/octet-stream 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/c/ivlloi69yiz903e8suz0m.json?cb=1674220436113
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 778662c82ba6107762cfb8560a7b98470258c88e89288b43ae16294e2e9cb6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: kY3H9ST2WaVKYqNp_8iTlUjVzUV0O9ag
date: Fri, 20 Jan 2023 08:03:17 GMT
via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 18640
x-cache: Hit from cloudfront
content-length: 1716
last-modified: Thu, 17 Nov 2022 18:50:07 GMT
server: AmazonS3
etag: "e5779fa66901a4ef028ac4458e0f9062"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: zjAwhasxp0zfBAPvuJH4ZgZMQeYSAyxSV0K8oxrKte5IP-pS5mo7bA==

GET
DATA 200
OK truncated
/ Frame 8BD7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ae8ce88edc6d760f26507e815589428fb3889e60b7a90ea2f9f360163cab37c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8BD7 0
0 88ms
88ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFhka89Ojd84WYAQpG6xkTGGJdnfejlq5O3xxV86PHbIgI6lcNEykd0oZFIBChb469IJs4RsioVoqjgjXta974_ioOAVV9AxElXzX5qpQzhh7-uMysfoXE6VzTOZvQkWdpKVRWlTkclr_9uXHi8QrwvFa8P46plWjplOLTomVsPPHNnXWI3NTH_tMkAJmWm1zGXL9VB493RbVy2esJXT41F-HjudtHDTpvcNHM9k7lF1DWKjvxDRZhRfaAh61E5h78A6yBtQzt9Zd2IIzVfCIGhE9NfCts8K55kJdVCToi4UwekvyF28Hgs6PhE07Y2tRdeBJW0-oed6939ah9pFrQCAqTibwDHdyNl5hdLKfmFYEJrtetxSZbWtfW2cMuFswL&sai=AMfl-YTIQ_ekheRwn25Zt5e2F0Iv8fycxz4OGmWcXhibOoMBS1KpCLrfzDTbsEVaM5Iz0h79sLOqhJ7wqv012f3Qqbf5vmSTrymCoLVGiVwDFtEgltRqLUlv0fdIpxwf06bKKA&sig=Cg0ArKJSzJjVhtrOiRkdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:56 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 81F0 81 KB
27 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b21408e989c93534f6150ac82b97d2585276646a562be8a55b5b5090bc66e40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27774
x-xss-protection: 0
server: sffe
etag: "1457 / 640 of 1000 / last-modified: 1674216594"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 20 Jan 2023 13:13:56 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 81F0 424 KB
122 KB 76ms
34ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHzCZUwFKhrBrSa4goLVez4f1PMQ5%2F0nPT2pz7l2HW4Pz5KwAB2k8mpdN2ENxJkcnulJQYcRamsJP5pynH7bDXEg3hs67AIOj7Gv6vg34Wvf%2F7tnECeXNh5aPuetxAxrsicCIZqTE0fophE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c811fe8bbf916b-FRA

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 539E 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=ghhpmf&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: PsoBWXlJM6au-L32H8ag2UpLpqKL-nQE1m-Xz2Sy4N5e_VFaHPfdQQ==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame CDFC 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=xdaqnvau&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: 1IWkiVBCykPqQXfT3sykPSCbVdViBFtuoyYC1QmwStdM8DHIpsXq-g==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame DC5A 10 KB
3 KB 8ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=mdbxrpdeb&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: BO5F5XTpXusijGxlIbI72F_doUkUiR46Sz_9SdIPihdbN-dRyN20vA==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame FE69 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=spodtwzvm&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: YxHIQj0OR7twkEdATd7tJ_e5tFW82-mHm02Vcd7ljYHl9YehuWAKHA==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame E804 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=njznxjhung&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: 6r9ImPZ8jWFE7-oP1yfMSFhGZAvAGua3rhOEcfzrAIaPdPHERO2bdA==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 1D1A 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=nprmm&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: 5Ru_4UEyN58IMTczzI36OgJTQyAObvEwTk7EtBInCdEMw_YXtOr0eQ==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame B68D 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=dxgvotu&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: okAjlMtxhXiT5oc2s7K_vHIDEqwjYwhLTp-5_6Me2K5iQpSkVm87Ow==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame F429 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=xsldxodt&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: rE5UCsGqkS_To89lzoNE_uxffQa7Nx3gAzVWpUyapTyOQTUH2GQVOQ==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 7738 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=zaoeopcuo&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: CWbDpYD3Qvi2OdM-eflbd7t-UcE6YoPns7Wm9sqwgsTkwOeo6m9VQQ==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 33E2 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=cstqceck&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: v0uaqJG3DYanHGSmpXQAnqZDj8mMzImhjz8svmYr8JbltuUUC8AcHw==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame 7AE2 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=pcfcbbwtb&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: IPSnn-H7pLfLcMp3OEaeaXZo-VAEj85n1cfy-fU5Ewg_aFHeRGTDMQ==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame E8C9 10 KB
3 KB 7ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=opdkhdxawvn&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: U7GnL0frzjrsEoIr4WIft0h7v_ktdhHmLvhMWiNnsK6qyJppJK3FqQ==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame E94A 10 KB
3 KB 8ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=ifjhjwbt&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: pVF0Lf8c-ssxwLcOTuyx-FYjng2xaVSxzoPpE7aIIxDyp8bTdVJZvw==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
fantoly.com/r/ Frame B00B 10 KB
3 KB 8ms
7ms Document
text/html 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fantoly.com/r/p.html?f=kjlqbk&e=1216403959407
Requested by: Host: fantoly.com
URL: https://fantoly.com/t.js?i=ivlloi69yiz903e8suz0m&cb=7617751674220436055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32575
content-encoding: gzip
content-type: text/html
date: Fri, 20 Jan 2023 05:16:01 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: 55FPfXIj3m6qGLQpi-P2gjHK0ZlWg5RHdic2NfgCRKCz0mjvezmTTw==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame D41E 13 KB
4 KB 33ms
32ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

388666f8dab782e54a967124c50f27165b404f4a2773daed4cf27f2b2f90ea59

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j8bx3wmyk62zx86a48yh3y3dmma47vc7w26fb52cca10garzpj9910vrw6g56h3h1psrw4pnf33se78y117yxgm4898pz9c9e3bfqf81y119mh7wznhasq233mwcyvv6j6r98pzaymz70zcfhthzdp32mdckfgcszvnymkwdkhzp7ath8x4q0j41v2a6bfq7j8j6xmfjwbjjd073sst9p9e1wy2v6p2e8144r4tc7gc0k69g8ec8aakz7w8xesr53ypetqpaftx50z7dzsbs66vz4vkzy28hcfct7rwgxaqgba9x3j3p2cnm40qxm91g6bd5aj2zbgfbn74a0p6h0qsn5wagq01vn7mg3x6em5pvvnv1j239c27zwrbvf5npx7dsm1f11va5kxk1xbdq8v2xz8kkwnzb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%26client%3Dca-pub-2209759466221089%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78c811feac722bde-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:56 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame D41E 90 KB
12 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 165589
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4DNBMYZS49UcDUy%2FtcvCkUfBBCnRaUesBfuJAtCrsFsyz15vDvoVJjMrJkgN%2B%2BOvEbjnkc3WFihrscFREuVkaqupyRmS4Z6c6Yeb5sLr8JtsSsPjBzBitDLrnwLtyBlCpn6uDJO8U8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78c811ff5df72bde-FRA
expires: Fri, 20 Jan 2023 14:13:56 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame D41E 44 KB
44 KB 37ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55434
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLsjlj6JLzXblbgNEY39AufpLBEDvdLXX6tedtlIiwWn8vAWx%2FxNLReCJdapO1mpu6KD47m8jd%2FASLxeCbf2AaFTwyl%2BaIn2qD4T3Eh%2BrrVH2sCcF8WPbHUMLa%2FrylcqLjJIUlYEX2L5ZDMP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c811ff6bef9962-FRA
expires: Sat, 21 Jan 2023 13:13:56 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame D41E 222 KB
222 KB 20ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49288
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqGEK%2FWolSglRBI8dkUc97YA16YBOQlCmb9d5IO6u6JKc2Qq54SMjCk0yysZJVKbMDOWiptysoDCDDqr8M5ydkP8nfEr9vNP%2BIUkXtKlLamIfxf2PTaZvNqiRyy8x%2Fp7acbRgaGkMwtTFu96"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c811ff8c199962-FRA
expires: Sat, 21 Jan 2023 13:13:56 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame D41E
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1674220436_4b6b2b40-98c4-11ed-b41e-2266f55646ad&insert=AW&&gdpr=0&gdpr_consent=

0
673 B

135ms
56ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1674220436_4b6b2b40-98c4-11ed-b41e-2266f55646ad&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
via: 1.1 additional-webserver-green-g4xh (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 1031932488
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=99cced6d8fc59b9f
cf-ray: 78c81201bb969a0f-FRA
expires: -1

Redirect headers

Date: Fri, 20 Jan 2023 13:13:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1674220436_4b6b2b40-98c4-11ed-b41e-2266f55646ad&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame D41E 127 KB
128 KB 31ms
29ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54667
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130162
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUiCJ9of9BnL9kGhZK2N5i2zZY6gw%2Foqzy%2BbEfWS2CTEGxQ13yTIt%2FmfPF7H3QCEIAog9mFjHwY%2BrUR4l2Ouugj0isZZW%2FlMbDx7RanCDrMYzP094t0d7xVkZJy7Z5ixwMKj0EUBuwb%2Fi3oU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c811ff8c1c9962-FRA
expires: Sat, 21 Jan 2023 13:13:56 GMT

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame D41E 461 KB
462 KB 26ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1182882
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntxG6CBEhhQkzFJIPYAuNWzWviP1XPwDNM%2FIx7S4nvzlzOGI4Nfp2IP0OuQe9s57bFXA5HUFMR5JqLaqh5pRw9fgNzV1VddHYCko3hAFIHahoYkW7q4cVBpSwvtlxLtTaGbmQBfbkpPMA%2FN9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c811ff8c1d9962-FRA
expires: Sat, 21 Jan 2023 13:13:56 GMT

GET
H2 200 32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame D41E 53 KB
53 KB 38ms
37ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66329
cf-polished: origFmt=png, origSize=85233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54280
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:18:26 GMT
server: cloudflare
etag: "0bc184d99872986e7c36d6945f607e59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1q520wBU4tYTZsJhjFJG5aP5qtRXxwnDzy4P9rV0foaTnxmElbRbIvzY2flueWL2tyoalLeU9vgXrri1UdtiI4LNPhPDjdSesZJ%2FM4ntjN%2BCvQfZaz3BsNCF%2BJYJlYw6wcVxDuMEXynKTZS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c811ff8c1e9962-FRA
expires: Sat, 21 Jan 2023 13:13:56 GMT

GET
H2 200 831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame D41E 193 KB
193 KB 26ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55306
cf-polished: origFmt=png, origSize=311499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 197460
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:45:43 GMT
server: cloudflare
etag: "3e47fe2e828ecba46fd7e6ae452966ae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FofjWGK%2BkuzW1bClPRRQXQxmfPsIThxQbfj%2Bu5qV9H98SA8b%2FjEPvl8nMd1PKVQ%2BrhgG3b1sEjHss5PRZY0NWQ46Aeee11QRQBGoebGuquYJ%2Bghco4h%2BpokTe7r2KRxsqfl3M5nZ1mcQdzk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c811ff8c1f9962-FRA
expires: Sat, 21 Jan 2023 13:13:56 GMT

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ 81 B
796 B 330ms
285ms XHR
text/html 143.204.215.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=2003840872&pt=17&dpn=1&iiqidtype=2&iiqpcid=0575ce6c-6881-4b1f-a418-843ca50988d6
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-10.fra53.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: a490244524c190d14a746e89e21779948ce38668abd98503885c727d0516426d

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
pragma: no-cache
server: Apache-Coyote/1.1
vary: Origin
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: https://boxofficeindia.com
access-control-max-age: 3600
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: bL8GCVyq-lXYyxX3sD4YvLoxu56b8OvyheFn6-7UdCgrY-7ycwbxaA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 13D8 8 KB
4 KB 34ms
7ms Document
text/html 13.32.27.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-7.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81965
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Thu, 19 Jan 2023 14:27:52 GMT
etag: W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified: Thu, 01 Dec 2022 19:37:41 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-cf-id: 2s_5iqoA6CFAkb9u003XYGNPnN2XK_zw01d4NZvQzD7RX_npZ7xZ8Q==
x-amz-cf-pop: FRA56-C2
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5: 86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256: 7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache: Hit from cloudfront

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame AA2D 116 B
434 B 77ms
7ms Document
text/html 65.9.66.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27320
content-length: 116
content-type: text/html
date: Fri, 20 Jan 2023 05:38:54 GMT
etag: "517f2062d883c0ee35479a2da0c50b8c"
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id: _FdW8-EwE93t8OaxXW1MbNCCUwwnimrTy5szMZFwl0aAE73CrMjwPQ==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A157 52 KB
17 KB 66ms
7ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 23352
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 20 Jan 2023 13:13:56 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 375536
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220093-HHN
X-Timer: S1674220436.454801,VS0,VE0

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 7AF3 0
80 B 28ms
22ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 20 Jan 2023 13:13:56 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

visitormatch Show response
bh.contextweb.com/ Frame A96F
Redirect Chain

https://bh.contextweb.com/visitormatch
https://bh.contextweb.com/visitormatch?reat=1

27 B
310 B

98ms
98ms

Document
text/html

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch?reat=1

Requested by

Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/js/prebid_DMC6nI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, no-cache, no-store
content-language: de-DE
content-type: text/html;charset=iso-8859-1
cw-server: bh-deployment-64ccb75b9-4mvgt
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
content-language: de-DE
cw-server: bh-deployment-64ccb75b9-4mvgt
expires: -1
location: /visitormatch?reat=1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1 KB 85ms
30ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 20 Jan 2023 13:13:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H3 200 pubads_impl_2023011201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 81F0 383 KB
129 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeaba9fbcc1297735946d95f4d571102722a6064abb2e95ed5fd45261812033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132462
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 09:35:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Jan 2024 10:48:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 81F0 627 B
238 B 93ms
92ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cfb4ba68c6364d110555c9abfc681974fe49026c00783ab09a991be5330eb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:56 GMT

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ Frame 1FEA 0
104 B 195ms
71ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame D41E 1 KB
2 KB 121ms
64ms Script
text/html 18.135.49.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jpn4d6h8mevqgx0a8hcpjgr57gtjbcdx26e13gaacy1xhz2cq7t2c5ax95kd9eys7xwmdkt8zz2emtfenatfgk42he77b0146v1fsz814k4kvt17fdcgdjk5p830ty9stnx806f8evq6d9eqj9rrffye4bsgssk6f621sj0ytbgcsaxb4bnc5n18s2skt45t396devam4ym2q4n4ft837t0nzb9pw34ekcn7gq0r2966yma4cqjha6k1szvk8t4zthg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%252526client%25253Dca-pub-2209759466221089%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.49.103 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-49-103.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 5a8eb897c6f74e1107c3699e40e41a7b0a60a5abcc779a6031607e1b8b32ccd2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
last-modified: Fri, 20 Jan 2023 13:13:56 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 20 Jan 2023 13:14:56 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 539E 424 KB
122 KB 35ms
34ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=ghhpmf&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wz0zk9UJHGw1Y1ezf23106G5T1QQvWmrKhyOPLrgD66GRbHAVW2HwV4AolUOyyhzBs4ooOz6boS%2Bxllf8ZHeSCnmku2RZEhb6RNHDzAKWLy7NY2yO67DTcZuTtmaVwU71AXFTGi9yFC5dAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c812000fdf916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame CDFC 424 KB
122 KB 36ms
36ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=xdaqnvau&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7mnfkohcVLj6BheewX0pCYQwqqY5jBO0l%2FrGU%2FfgxI7VkvUeREcboM67T%2B%2FRwhH0h1rlypWZk8%2Bfxu9JdXoy8yu%2Brf4fV3fa87teMSq%2FiIsJolA4NUuALQXiwl%2B189%2B6%2FfhDhNp9r7EwWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c812001801916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame DC5A 424 KB
122 KB 36ms
36ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=mdbxrpdeb&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QB09bT1KdHmtVzI3zxc9xQs7EQbJzGWYkcYb%2Fc0IV%2F3jrihbba8L%2BgHa2HU3XlviPju4Ls7bANKKqjAi2NUxAosYqau%2FlfBIp0ejPAkUee708HmEmh7%2FWRugqfIEi031EUa1T4gFdpk04Ww%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c812001813916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame FE69 424 KB
122 KB 36ms
36ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=spodtwzvm&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnLx7stJGlfaecpYYlWn3rV%2FHi6UYmY6p6zY8M0nJMkJMS28dLIQRyHO%2FMffMbxbKRanTqtcw6JdBiTSrhsYb%2BcX5qepI5WmwMLzMrcUDrWKvRJtwWbVpsEZb4Vhr0z7QL13ZWbnYDdP4V0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c812002833916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E804 424 KB
122 KB 32ms
32ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=njznxjhung&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNguU4CpJBAMGYnGf9YdeldWChHN7UAMxU2LNoQ4AuMay%2BiIEc5zCx%2Fl9f2I922JHhYNHc%2FlC%2FIVdP4it6Uw4poMCUgiEnkv21U%2BmCjvMv8ri%2FURjHLqe00CgMhODVguYvtjRRB396dy0h8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c812003847916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 1D1A 424 KB
122 KB 32ms
32ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=nprmm&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hGprd%2B0IiYub%2FuzII0eq%2B9%2Fa3LvSVEThSr9WeXZaV2y0EbSlXPHxZuCIjyOclFDp2ONCj5G%2FENWyhARSSWHE09LIzR15nYn9O7s2L4nQRt7GnVOJvk9bC9MDh3qYzdPqmUMsN5KDXSMCWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c812004861916b-FRA

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 81F0 171 B
565 B 151ms
150ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 81F0 0
181 B 59ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://boxofficeindia.com
date: Fri, 20 Jan 2023 13:13:56 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 81F0 171 B
560 B 194ms
193ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:55 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 81F0 0
219 B 18ms
17ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=12524422438&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://boxofficeindia.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 81F0 0
62 B 163ms
163ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://boxofficeindia.com
date: Fri, 20 Jan 2023 13:13:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame 81F0 4 B
238 B 57ms
19ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:43 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 81F0 23 B
404 B 139ms
139ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 41b01bae397250932868c93fa0178231d2129d61347b2cec052c59d9d1eb36db

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:56 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://boxofficeindia.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 81F0 139 B
1 KB 228ms
227ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

91a678d6544043c65790dcc5dbfd5b80aded7e744012b8c105b550f510315400

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:56 GMT
AN-X-Request-Uuid: 3cb52e66-6f00-4780-a09b-9f175884f6d2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://boxofficeindia.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 81F0 391 B
449 B 140ms
139ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=%2F21671350435%2C22684505004%2F300x250-data-boxofficeindia.com_._t1&tk_flint=pbjs_lite_v7.19.0&x_source.tid=fb46afde-baeb-4574-bb23-02cddbc66d98&l_pb_bid_id=1834f249c9c2552&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9551360497268788
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fcc54139bd86f685adab03c124cded194475025823673b1782ded648d1e51a17

Request headers

Referer: https://boxofficeindia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://boxofficeindia.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 391
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame B68D 424 KB
122 KB 32ms
32ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=dxgvotu&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySTUgEgdgQtONgc64B0hP3aRT%2Bv0%2B0TfjuStSwMith5uC2JkG66Oh4UIVN8iYltkGEyTn3JrumdClRKQl0BEyc5XPDXggyCUDO7z7qWaIWthQs3%2Fi810yYJV6yyBrYgyzCzf4oZ3fxccAIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c8120098df916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame F429 424 KB
122 KB 31ms
31ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=xsldxodt&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1bjrNoKWTfzgRXUUDp0zO%2BZSL1wtvpyupIwkqtpFnu9kgEY88%2Ft%2B5FXM%2F7iptOl7j5lKCQkJXVEPN2VrwwNcIWoX4hqNw30o2wt0wDydhw8nTU8On7HRFdUT7YuIxCWw4hiyIR8zQAgj%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c812009908916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 7738 424 KB
122 KB 33ms
32ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=zaoeopcuo&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a25Ny9EbD2yUss8JkWt%2BoEnF14cAldLN%2BZca9KaeI92r4pa1iTmRVDdhkVcxO%2BNUpfk%2FgQcOH7cW5y8jUyYUgO6EGMF%2Bk6m2MY4lEdQnG01oVfOEmWgc3zlsAX0RMCuOrAuYbMBvNdi30yk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c81200b92a916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 33E2 424 KB
122 KB 31ms
31ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=cstqceck&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KV7QGb%2B%2BBfHel2fKNWchebgnHbp07gi%2BGYgSYVcN4AHegwrYTzPDQu9jvvVY9mP6LyUpF0FXqoBjcq8NADZ%2BQ%2B0m9iWWB%2FVi14aefspIoo1nqpu4iHk2SHDNxxTq159XXeDzlCntMVNZC9I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c81200c942916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 7AE2 424 KB
122 KB 35ms
33ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=pcfcbbwtb&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BVXftDCUuQ0R1UsPj05dMhJsE4tQ3Xw4UC7q3b7PluPcQLrDQf8WGce5D8L5K7wp3wXTCAIPJWt5mqNQJoULhOGTrsCiPG7it%2BeSpToyobRf9MeZ%2F2oVWuHuebHxigbRTbKgM234lzUeIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c81200d971916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E8C9 424 KB
122 KB 35ms
34ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=opdkhdxawvn&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjzK0U3d6J52wskw6XdcHEmGtPm%2FN8fI5yqtEgbvCVuVdrxhgYwNgRMQpsk4KOuvH8hTY%2BKFxwaK5tq8AKXOZrh9FDueF8j4vwBHo7cJzYIHFjVZi05RgeisnTsFCLWMvysOOiBQPQjjfHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c81200d98c916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E94A 424 KB
122 KB 32ms
31ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=ifjhjwbt&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gcf2D4JFZaDZRb9X87qZp%2B9tG%2F4lo61IgwT3rFuwtxJZB%2BOdcE6I2Sij7DWz7qGNLY9Bylf%2Fgc66OUtaTohLiNUgBgmvsHqLGwjONV70zySvqHjRHgL5E6P4d3yvQ%2Blyj7OAb5PcyzUmP%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c81200e9a7916b-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame B00B 424 KB
122 KB 34ms
34ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=kjlqbk&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 6188
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWGXigh6ebSEWtptHfjhzfLPIQTFXmK24cmhxUt6PB2vIQWTTzw9tSymhm1nUqYanTxTWlCHqfjXWka7uvNC2c3ZNItypINaFb9kvxplXgK94l5qXcQ8wzdr3VmLM%2FXRgaKLJm0RAyuH%2Bu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78c8120109d4916b-FRA

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame AA2D 3 KB
4 KB 7ms
7ms Script
application/javascript 65.9.66.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-28.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:12:04 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 10913
etag: "74ede07ef946dc2316f86b2661cf2dd3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3302
x-amz-cf-id: kid9z_fXB53V_jXdVRCUGoT2WsveDuWKrKe8JZrruRo-EZ971UQ-Fw==

GET
H2 200 link.html Show response
track.webgains.com/ Frame D41E 2 KB
2 KB 93ms
92ms Script
text/html 18.135.49.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hhp9v8sdsfppe6ntpw8fhashybbtb9sbepn19berxjytp1tr447prr8e4qkc3nb2jb42bxrdh91xk0xzdqq1gxb3235zzrgwhtfza6j0zbsnfx16vaeh3r24tfw3cw78s4er4jedn0sfmr4sywwk7skfjn97hk8fmhwaq1f0s2sb87vs17014k07tb6j2r9zb3k0f676pz6pkz9495srk3498d1rj0p8trsshearsaw50y7gqx3d0xmnes3vxn0xvzn4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%252526client%25253Dca-pub-2209759466221089%252526adurl%25253D&clickref=oneidQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcVoneid__dc_reach_suite02wkz&viewref=oneidRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.49.103 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-49-103.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: cafd114d93e7d0e5881770a91597a05a45241e16a0a70e7ecaa60c188242c4ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
last-modified: Fri, 20 Jan 2023 13:13:56 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 20 Jan 2023 13:14:56 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame A275 5 KB
2 KB 29ms
28ms Document
text/html 54.154.84.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.84.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-84-112.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 655ed294ad70d76f78c352f46dabb4b6dde1c8baf8e78166cbbb8e9bc87981d1

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 20 Jan 2023 13:13:56 GMT
etag: W/"06ab36d75459a9198728389c4c93179f4"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 30E6 0
0 29ms
28ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 1833 790 B
993 B 17ms
17ms Document
text/html 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: eb23ed8e06f71df01e9a06de1f516bce74ae25811d76393dd1f7d3823e3f0023

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 790
content-type: text/html
date: Fri, 20 Jan 2023 13:13:56 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 22B5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
885 B

32ms
31ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78efcbe1a6a11d67e9cd55d6887b3a34e4c427b81d91f1459b44074f0cff4251

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78c81201a9de928d-FRA
content-encoding: br
content-type: text/html
date: Fri, 20 Jan 2023 13:13:56 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek7CxbV4XW34tcS5y28OXjZoiW5AOB9WbWEYZjkNMpjK47SCk5u0%2BkajJfi%2ByRjcA24DbeIx4oc0HPjWqgPL%2FvVKbsNahCix61C91uSlTNTXhJwxxyU6nJ7uAXFihhu2DSUmfchMVYgJWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78c812017993928d-FRA
content-length: 0
date: Fri, 20 Jan 2023 13:13:56 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQmohmrXgkx567dNon7wMtK7aMqlb%2BOAI86OwDqN6d2lulLJMyr0ag7pyNTQmzZwlFjOwXcKHnRA1Y%2FSh1pFh5g5aPWzwe3qftNyCYQJsGT4j4o1WAnMy51XL1dnAbwxY%2FIB7lW6ED22ew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3666
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

59ms
11ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Jan 2023 13:13:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 20 Jan 2023 13:13:56 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5085 16 KB
6 KB 20ms
14ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=52332
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 20 Jan 2023 13:13:56 GMT
expires: Sat, 21 Jan 2023 03:46:08 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame AEEA 0
484 B 180ms
99ms Document
text/html 2600:9000:206f:7000:1f:4c18:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Fri, 20 Jan 2023 13:13:56 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-amz-cf-id: somJkpkfIjooZMTuwDz1hTd_xuP4BMGuRIqSUt0sXV0vkytfvdqUvw==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2

200

sync
ads.servenobid.com/ Frame 13D8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=9059445544637372677

0
345 B

32ms
31ms

Image
image/avif

63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=9059445544637372677
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Fri, 20 Jan 2023 13:13:56 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9465b195-8f7d-420b-a08d-3ac8eb8d0522
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ads.servenobid.com/sync?pid=312&uid=9059445544637372677
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 13D8
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=GBJ5tRZHCWjJzRKXT6-NoRKa

0
351 B

31ms
31ms

Image
image/avif

63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=GBJ5tRZHCWjJzRKXT6-NoRKa
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:56 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=GBJ5tRZHCWjJzRKXT6-NoRKa
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 13D8 0
277 B 163ms
137ms Image
text/plain 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Jan 2023 13:13:56 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 13D8
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6366743124

70 B
264 B

35ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6366743124
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
etag: RX27d8741636c94aa089b8b32a79f428b3003
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6366743124
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 13D8
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5124322324660725062

0
344 B

31ms
31ms

Image
image/avif

63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5124322324660725062
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5124322324660725062
Date: Fri, 20 Jan 2023 13:13:56 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 13D8 0
498 B 452ms
110ms Image
text/plain 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-49
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 13D8
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=5d608802-17b0-4fcf-aaa0-3b07692c9736&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
356 B

31ms
31ms

Image
image/avif

63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=5d608802-17b0-4fcf-aaa0-3b07692c9736&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=5d608802-17b0-4fcf-aaa0-3b07692c9736&gdpr=0&gdpr_consent=&us_privacy=1YN-
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 13D8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-qo0eFuBE2uE0VnE1zDJdsNg4EcggzF139UtrWB8-~A

0
366 B

37ms
32ms

Image
image/avif

63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-qo0eFuBE2uE0VnE1zDJdsNg4EcggzF139UtrWB8-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-qo0eFuBE2uE0VnE1zDJdsNg4EcggzF139UtrWB8-~A
date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

400
Bad Request

a6da5bf591376177b08e1eb90117169d.gif
cs.iqzone.com/ Frame 13D8
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-fce99b07-7d44-3d69-898d-11f96a30c7d8&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26bu...

20 B
20 B

6016ms
1938ms

Image
text/plain

8.2.111.13
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-fce99b07-7d44-3d69-898d-11f96a30c7d8&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mY2U5OWIwNy03ZDQ0LTNkNjktODk4ZC0xMWY5NmEzMGM3ZDgQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mY2U5OWIwNy03ZDQ0LTNkNjktODk4ZC0xMWY5NmEzMGM3ZDgyAhoSOAE=
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Server: 8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:14:03 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

Redirect headers

location: https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-fce99b07-7d44-3d69-898d-11f96a30c7d8&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mY2U5OWIwNy03ZDQ0LTNkNjktODk4ZC0xMWY5NmEzMGM3ZDgQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1mY2U5OWIwNy03ZDQ0LTNkNjktODk4ZC0xMWY5NmEzMGM3ZDgyAhoSOAE=
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 13D8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-qo0eFuBE2uE0VnE1zDJdsNg4EcggzF139UtrWB8-~A

0
366 B

33ms
31ms

Image
image/avif

63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-qo0eFuBE2uE0VnE1zDJdsNg4EcggzF139UtrWB8-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-qo0eFuBE2uE0VnE1zDJdsNg4EcggzF139UtrWB8-~A
date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A157 0
863 B 55ms
13ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:56 GMT
AN-X-Request-Uuid: 0cf41936-47f6-4472-9abc-f8b4444ef5a2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 1833 0
344 B 36ms
30ms Image
image/avif 63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=1321010165453093258&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 1833
Redirect Chain

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08a22204008b8289199f9900&gdpr=0&gdpr_consent=

43 B
481 B

18ms
18ms

Image
image/gif

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08a22204008b8289199f9900&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08a22204008b8289199f9900&gdpr=0&gdpr_consent=
date: Fri, 20 Jan 2023 13:13:59 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H2

200

pixel
cm.adform.net/ Frame 1833
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=1b2a5ef1-b7ea-4386-be3f-36100d2649e5&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-p2lTS6BE2pk7_rgD7A8c.2xD7VHX9EPtitCNCg--~A&expires=5
https://cm.adform.net/pixel?adform_pid=3&adform_pc=1b2a5ef1-b7ea-4386-be3f-36100d2649e5&adform_v=1

43 B
163 B

99ms
25ms

Image
image/gif

37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=3&adform_pc=1b2a5ef1-b7ea-4386-be3f-36100d2649e5&adform_v=1
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
last-modified: Fri, 18 Nov 2022 16:49:04 GMT
server: nginx
accept-ranges: bytes
etag: "6377b780-2b"
content-length: 43
content-type: image/gif

Redirect headers

location: //cm.adform.net/pixel?adform_pid=3&adform_pc=1b2a5ef1-b7ea-4386-be3f-36100d2649e5&adform_v=1
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 1833
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=ce0e5a5c-a617-44c1-84f8-4f088b826819&gdpr_consent=null&gdpr=0

43 B
426 B

146ms
25ms

Image
image/gif

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=ce0e5a5c-a617-44c1-84f8-4f088b826819&gdpr_consent=null&gdpr=0
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=ce0e5a5c-a617-44c1-84f8-4f088b826819&gdpr_consent=null&gdpr=0
date: Fri, 20 Jan 2023 13:13:56 GMT
server: _
content-length: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 1833 0
241 B 10ms
9ms Image
text/plain 2600:9000:211e:7000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache, must-revalidate
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: pQ7d9HD95GD2m7xTYUKdz9VtwVLSExj3L9OFInuux9K-bK7KqgF-Yg==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A275
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=9059445544637372677

35 B
250 B

47ms
31ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=9059445544637372677
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Fri, 20 Jan 2023 13:13:56 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 37a0f82b-8b14-4ecc-abbc-39d54df76119
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=9059445544637372677
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A275
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_f5b65c9a-56bd-44f8-9594-8fe0969f5cc0&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_f5b65c9a-56bd-44f8-9594-8fe0969f5cc0&gdpr=0&gdpr_consent=&us_privacy=1---
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=1b2a5ef1-b7ea-4386-be3f-36100d2649e5
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=1b2a5ef1-b7ea-4386-be3f-36100d2649e5
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=771c5c12-cd0a-4de7-9c2e-98e64c5bdc43&user_group=1&ssp=gumgum2&bsw_param=1b2a5ef1-b7ea-4386-be3f-36100d2649e5
https://usersync.gumgum.com/usersync?b=bsw&i=1b2a5ef1-b7ea-4386-be3f-36100d2649e5

35 B
250 B

32ms
31ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=1b2a5ef1-b7ea-4386-be3f-36100d2649e5
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=1b2a5ef1-b7ea-4386-be3f-36100d2649e5
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A275
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-130d1c3c-ef52-4c79-70db-2389565ea183$ip$185.213.155.168

35 B
250 B

34ms
34ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-130d1c3c-ef52-4c79-70db-2389565ea183$ip$185.213.155.168
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-130d1c3c-ef52-4c79-70db-2389565ea183$ip$185.213.155.168
Date: Fri, 20 Jan 2023 13:13:57 GMT
Connection: keep-alive
Content-Length: 129
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A275
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_f5b65c9a-56bd-44f8-9594-8fe0969f5cc0&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=RXaSoyWUUmilXXfdP-6f&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2USYMFJW66KXKVKW22LMLBMGMZCQFU3GM...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RXaSoyWUUmilXXfdP-6f&us_privacy=1---

35 B
250 B

33ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RXaSoyWUUmilXXfdP-6f&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RXaSoyWUUmilXXfdP-6f&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame A275
Redirect Chain

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6503986808

70 B
264 B

32ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6503986808
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
etag: RX27d8741636c94aa089b8b32a79f428b3003
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6503986808
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A275
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=WGdE4ToeE8vW&ev=1&pid=558355

35 B
250 B

31ms
30ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=WGdE4ToeE8vW&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://usersync.gumgum.com/usersync?b=pln&i=WGdE4ToeE8vW&ev=1&pid=558355
content-language: de-DE
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-64ccb75b9-4mvgt
expires: -1

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame A275
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28jt6jkktYKx_Zvgt1WCUfQyycjKDQjVYGiLcEwa7lXA16FMJrlD0Kjb5FW4pp_mAw%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_f5b65c9a-56bd-44f8-9594-8fe0969f5cc0&obuid=ENC(jt6jkktYKx_Zvgt1WCUfQyycjKDQjVYGiLcEwa7lXA16FMJrlD0Kjb5FW4pp_mAw)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=jt6jkktYKx_Zvgt1WCUfQyycjKDQjVYGiLcEwa7lXA16FMJrlD0Kjb5FW4pp_mAw&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_...
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=9059445544637372677&obUid=jt6jkktYKx_Zvgt1WCUfQyycjKDQjVYGiLcEwa7lXA16FMJrlD0Kjb5FW4pp_mAw&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_pri...

0
0

99ms
99ms

Image
application/json

64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=9059445544637372677&obUid=jt6jkktYKx_Zvgt1WCUfQyycjKDQjVYGiLcEwa7lXA16FMJrlD0Kjb5FW4pp_mAw&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

Date: Fri, 20 Jan 2023 13:13:58 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1b8c347d-14a2-4cc0-b15a-44f2007dc56c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=9059445544637372677&obUid=jt6jkktYKx_Zvgt1WCUfQyycjKDQjVYGiLcEwa7lXA16FMJrlD0Kjb5FW4pp_mAw&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A275
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=796be121-7d49-4429-beed-15dbe30c9454

35 B
250 B

35ms
33ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=796be121-7d49-4429-beed-15dbe30c9454
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=796be121-7d49-4429-beed-15dbe30c9454
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A275
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-hjEk2o5E2pcUOJtfExiAA2zrgI0tcUS2UbWu~A

35 B
250 B

31ms
31ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-hjEk2o5E2pcUOJtfExiAA2zrgI0tcUS2UbWu~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-hjEk2o5E2pcUOJtfExiAA2zrgI0tcUS2UbWu~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A275
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=a0d21102-88b4-4e85-a001-83e20dfc26ca

35 B
250 B

32ms
29ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=a0d21102-88b4-4e85-a001-83e20dfc26ca
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=a0d21102-88b4-4e85-a001-83e20dfc26ca
Date: Fri, 20 Jan 2023 13:13:57 GMT
Connection: keep-alive
X-CI-RTID: b65b919b-5eef-4cf6-9c8c-1e107c07c403
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 204 services
sync.technoratimedia.com/ Frame A275 0
293 B 294ms
94ms Image
text/plain 193.122.174.27
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 145819131
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame A275 0
44 B 301ms
94ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
content-length: 0
server: c

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A275
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=8fc4721a-da4b-463c-a04b-81cafa6eb95f

35 B
250 B

32ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=8fc4721a-da4b-463c-a04b-81cafa6eb95f
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=8fc4721a-da4b-463c-a04b-81cafa6eb95f
access-control-allow-origin: *
date: Fri, 20 Jan 2023 13:13:57 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A275
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=1321010165453093258

35 B
250 B

29ms
29ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=1321010165453093258
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=1321010165453093258
date: Fri, 20 Jan 2023 13:13:56 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame A275 0
358 B 4390ms
4386ms Image
image/avif 63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_f5b65c9a-56bd-44f8-9594-8fe0969f5cc0
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:14:01 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame 1FEA
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
https://us-east-pbs.automatad.com//setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=b788ca9e-ecc3-4f96-b21a-c523aa07579f
https://us-east-pbs.automatad.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=b788ca9e-ecc3-4f96-b21a-c523aa07579f

0
766 B

94ms
93ms

Image
text/plain

143.244.214.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=b788ca9e-ecc3-4f96-b21a-c523aa07579f

Protocol

Server

143.244.214.118 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=b788ca9e-ecc3-4f96-b21a-c523aa07579f
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 129
expires: 0

GET buyers
dmx.districtm.io/s/v1/ Frame AA2D 0
0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5085 2 KB
2 KB 1702ms
1701ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94202311&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 41d0382ce2881e9f9bdf8bce0cca1d2154a5c43c34c8ad575fff036bfa8c69bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 20 Jan 2023 13:13:57 GMT
content-length: 2024
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3666 34 KB
10 KB 8ms
7ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 64ddd3f5853c316ce06ebe82b231e7c22035a240530089bb09411a342abfed12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:50:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77821
Connection: keep-alive
Content-Length: 10036
Expires: Sat, 21 Jan 2023 10:50:57 GMT

GET
H/1.1

200

0.gif Show response
id5-sync.com/i/495/ Frame B001
Redirect Chain

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D

43 B
1 KB

29ms
29ms

Document
image/gif

162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 20 Jan 2023 13:13:56 GMT
p3p: CP="CAO PSA OUR"
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length: 332
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 13:13:57 GMT
expect-ct: max-age=0
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2B7E 16 KB
6 KB 12ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=52332
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 20 Jan 2023 13:13:56 GMT
expires: Sat, 21 Jan 2023 03:46:08 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame E95F 70 B
264 B 33ms
32ms Document
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Fri, 20 Jan 2023 13:13:56 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame E4EB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=11b563ca-9391-4a00-86af-3c94f33f52a0&gdpr=0&gdpr_consent=

35 B
250 B

99ms
32ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=11b563ca-9391-4a00-86af-3c94f33f52a0&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:13:56 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:13:56 GMT
Expires: Fri, 20 Jan 2023 13:13:55 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 357 2feb0b5 master cdg-pixel-x30 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=11b563ca-9391-4a00-86af-3c94f33f52a0&gdpr=0&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame DF7D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=Y8qTkwAAARFZpgAb&gdpr=0&gdpr_consent=

35 B
250 B

96ms
30ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=Y8qTkwAAARFZpgAb&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:13:56 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Fri, 20 Jan 2023 13:13:56 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=Y8qTkwAAARFZpgAb&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220044-HHN
x-timer: S1674220437.877795,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 73C7 170 B
188 B 79ms
70ms Document
image/png 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mNWI2NWM5YS01NmJkLTQ0ZjgtOTU5NC04ZmUwOTY5ZjVjYzA=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 54EB
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
https://cs.emxdgt.com/umcheck?apnxid=9059445544637372677&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
https://usersync.gumgum.com/usersync?b=emx&i=9059445544637372677brt51551674220436917607f1

35 B
250 B

75ms
38ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=emx&i=9059445544637372677brt51551674220436917607f1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:13:57 GMT
Expires: 0
Pragma: no-cache

Redirect headers

content-length: 0
content-type: text/html
date: Fri, 20 Jan 2023 13:13:56 GMT
location: https://usersync.gumgum.com/usersync?b=emx&i=9059445544637372677brt51551674220436917607f1

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame E4AE
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=Y8qTlcCo8XoAAKK0MfUAAAAA

35 B
250 B

31ms
31ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=Y8qTlcCo8XoAAKK0MfUAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:13:57 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Fri, 20 Jan 2023 13:13:57 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=Y8qTlcCo8XoAAKK0MfUAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 6
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad391.dc4p.scaleout.jp
X-SO-IP: 185.213.155.168
X-SO-Key: Y8qTlcCo8XoAAKK0MfUAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y8qTlcCo8XoAAKK0MfUAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad391"}
X-SO-LB-Hostname: m-tgng22.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad391

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame C72F
Redirect Chain

https://cs.admanmedia.com/sync/gumgum?puid=e_f5b65c9a-56bd-44f8-9594-8fe0969f5cc0&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
https://usersync.gumgum.com/usersync?b=aad&i=deeda9f1-ff93-4b8a-9103-3072704e2a78

35 B
250 B

34ms
33ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=aad&i=deeda9f1-ff93-4b8a-9103-3072704e2a78
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:13:57 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Fri, 20 Jan 2023 13:13:57 GMT
Expires: 0
Location: https://usersync.gumgum.com/usersync?b=aad&i=deeda9f1-ff93-4b8a-9103-3072704e2a78
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Frame-Options: DENY

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 77A1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
https://usersync.gumgum.com/usersync?b=iex&i=Y8qTlPrPOTdNYmcwg5owlwAA%261201

35 B
250 B

90ms
32ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=iex&i=Y8qTlPrPOTdNYmcwg5owlwAA%261201
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:13:56 GMT
Expires: 0
Pragma: no-cache

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78c812028b28bbb9-FRA
content-length: 0
date: Fri, 20 Jan 2023 13:13:56 GMT
expires: 0
location: https://usersync.gumgum.com/usersync?b=iex&i=Y8qTlPrPOTdNYmcwg5owlwAA%261201
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6nZBdKGfebrX2gQmmwbG4z92cUTiVW5CRZOqyGZpb4aIKN6t%2FVfd6yadri2B2NKhZ%2BonUucll2kRo8DqgqvwU5GRi7XhFzn6J2E0SvrDThtPhVYhn1hG7W2W%2FVTdx5PxGzKlFsoaJYHPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame D6E9
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=wYsGVH9rSmaKk00yLdql&pi=gumgum&tc=1

35 B
250 B

94ms
32ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=wYsGVH9rSmaKk00yLdql&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:13:57 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 20 Jan 2023 13:13:56 GMT Fri, 20 Jan 2023 13:13:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=wYsGVH9rSmaKk00yLdql&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 12E2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

8ms
7ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Jan 2023 13:13:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 20 Jan 2023 13:13:56 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 22B5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y8qTlPrPOTdNYmcwg5owlwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE_sPoGxnYocGT-qKFh1PoI&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE_sPoGxnYocGT-qKFh1PoI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE_sPoGxnYocGT-qKFh1PoI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 22B5 70 B
264 B 69ms
67ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 22B5 43 B
855 B 461ms
123ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8qTlPrPOTdNYmcwg5owlwAABLEAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H66M890EDWAJETQKRFG9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 22B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8qTlPrPOTdNYmcwg5owlwAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA7O4R89nW2e_R88Nee3lyQ&google_cver=1

43 B
754 B

27ms
27ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA7O4R89nW2e_R88Nee3lyQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmPbFstczRifD%2Bt4q9b5MZ8H11%2BJwgjMVaUz91%2BrsSeIQXIYHXkfG%2BRKboHlk8kZercY7E1SLCoiLmhjfgNkJhFN8Fp1unymImwABtikGE8ifxknmMgY5KiJEH4BrX3g%2BgP%2BBfZuahW09Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 78c812057a65bbb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA7O4R89nW2e_R88Nee3lyQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 22B5
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D

43 B
632 B

23ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date: Fri, 20 Jan 2023 13:13:59 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H2 200 bridge
cm.adgrx.com/ Frame 22B5 43 B
283 B 97ms
15ms Image
image/gif 72.251.241.196
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-5
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 22B5
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9059445544637372677

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9059445544637372677
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f34e04db-2029-4e59-b4b4-2aed69ce5abc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9059445544637372677
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 22B5
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1689858837&external_user_id=5e27e64e-85ab-41f4-8b94-e1cd50e99f15

43 B
632 B

12ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1689858837&external_user_id=5e27e64e-85ab-41f4-8b94-e1cd50e99f15
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

date: Fri, 20 Jan 2023 13:13:57 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1689858837&external_user_id=5e27e64e-85ab-41f4-8b94-e1cd50e99f15
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 200 sync
ads.servenobid.com/ Frame 22B5 0
357 B 35ms
31ms Image
image/avif 63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=Y8qTlPrPOTdNYmcwg5owlwAABLEAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 81F0 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 81F0 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=boxofficeindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 81F0 43 KB
10 KB 526ms
525ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939641135947206&correlator=1659713051422631&eid=31071151%2C31071349%2C31071686%2C31068366%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011201&ptt=17&impl=fifs&iu_parts=21671350435%3A22684505004%2C300x250-data-boxofficeindia.com_._t1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1830339753&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Da933d67a1d159c4c%3AT%3D1674220432%3AS%3DALNI_MaykqGtoMb-Emty8EET0yvaZ_73mQ&gpic=UID%3D00000bc71b5338d7%3AT%3D1674220432%3ART%3D1674220432%3AS%3DALNI_MYz8W9y1s997GbKJ1c1AYgkt-L8Ug&abxe=1&dt=1674220436928&lmt=1674220436&dlt=1674220436193&idt=586&adxs=980&adys=253&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=6wwklh6uwq6j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Fboxofficeindia.com%2F&ref=https%3A%2F%2Fboxofficeindia.com%2F&top=https%3A%2F%2Fboxofficeindia.com%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=461281065.1674220432&ga_sid=1674220437&ga_hid=342788192&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpODB-twwSABSAghkEhkKCnB1YmNpZC5vcmcYtePB-twwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKTgwfrcMEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lXR1p3TmtOUWVtSlJOR2xFVVUwelpWUXpkVzAzZHowOUluMD0Y1-jB-twwSAASGQoKdWlkYXBpLmNvbRik4MH63DBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfmwfrcMEgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a3212f69fae337c2c4a69b50e0607b676c1c18241abaa0d49463fe8ba28cfdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10507
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://boxofficeindia.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 81F0 14 KB
11 KB 85ms
84ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50631f43bbf19ec36c339a439cd89461eb90da2c737de3c6bae60bb21524a33d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10966
x-xss-protection: 0

GET
H2 200 container.html Show response
9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B1B 6 KB
3 KB 95ms
80ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:56 GMT
expires: Sat, 20 Jan 2024 13:13:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D41E 85 KB
31 KB 55ms
8ms Script
application/javascript 65.9.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jpn4d6h8mevqgx0a8hcpjgr57gtjbcdx26e13gaacy1xhz2cq7t2c5ax95kd9eys7xwmdkt8zz2emtfenatfgk42he77b0146v1fsz814k4kvt17fdcgdjk5p830ty9stnx806f8evq6d9eqj9rrffye4bsgssk6f621sj0ytbgcsaxb4bnc5n18s2skt45t396devam4ym2q4n4ft837t0nzb9pw34ekcn7gq0r2966yma4cqjha6k1szvk8t4zthg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%252526client%25253Dca-pub-2209759466221089%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:31:21 GMT
content-encoding: gzip
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 78156
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: N2XYEMVoBJT_8cTGzk369UB94QEjy7h6doDPH2DvHXoQD_kVRtF6eA==

GET
H2 200 link.html
track.webgains.com/ Frame D41E 48 KB
49 KB 80ms
79ms Image
image/gif 18.135.49.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.49.103 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-49-103.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
last-modified: Fri, 20 Jan 2023 13:13:56 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 20 Jan 2023 13:14:56 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 539E 348 B
421 B 103ms
102ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436479&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c2a17ce6-1cfc-4d4d-a396-42ea6a6cbc0e&l_pb_bid_id=2c06be31bb1b77&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5647898933743014
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8fc8de59b3cd23d67856d847e86727e29b60b86a67b4371ef53858766a4f908e

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 539E 0
212 B 21ms
20ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=73545725378&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 539E 0
173 B 23ms
18ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 539E 171 B
553 B 160ms
158ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 539E 138 B
1 KB 110ms
108ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

97ad476a15c57e58462a407be1ed444eb0d6d89ad67f11bad0d362c1ee69a1ae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: aba022e2-3e07-4b4f-87d2-a17fdec4414c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 539E 24 B
398 B 143ms
142ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: de6c5f822a630ca68be30af5ff11dcd78b2253c5d3cdc647ce4a5a04dbcc8a57

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 539E 0
57 B 214ms
214ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 539E 171 B
553 B 101ms
100ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A0C 42 B
64 B 138ms
138ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVpkvWDPC9rMDZi10lCuTNtOlPKaIzeodoTf2MQvM95o6eT1Y1I9G8PzWmYUjl1cy2jNB0hQE-E9rG1SsZLOZmcII&sig=Cg0ArKJSzAeFIBm_4WPgEAE&cid=CAASF-RoC2vTG4kjv4qpBD46nGvKltz7skdQ&id=lidar2&mcvt=1170&p=838,305,1088,605&mtos=1170,1170,1170,1170,1170&tos=1170,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1904640850&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674220435099&rpt=693&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c39f3a0d95116766ea8c41a4def1b150.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame CDFC 0
212 B 17ms
16ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=33511523567&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame CDFC 171 B
558 B 220ms
185ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame CDFC 94 B
497 B 192ms
191ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 10c9f570e74a96ec2a194a61df72a14a45bcdbc6e871e8c8afb0663e7cd75993

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame CDFC 348 B
383 B 127ms
127ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436488&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b9bb43de-346f-407a-8637-b9332b886f74&l_pb_bid_id=892c817c732878&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8516337497539945
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a627e8ea5a22eed34872a74432287c434f145b4abe8cb7c6ff1ded037a6fba89

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CDFC 139 B
1 KB 34ms
34ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

85716c198def25d8a95f0a2f40a8a649a7b9bde350fd7f2804bac7dee623f685

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: bc65ad7e-2a63-4a31-bb60-36036a92d09c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame CDFC 171 B
558 B 172ms
140ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame CDFC 0
57 B 159ms
159ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame CDFC 0
173 B 18ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DC5A 138 B
1 KB 14ms
14ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

1f1f3601d88a4e8844cf118793b9d86a1cc959fed08daf8e91bb651e63900795

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: d674c44f-e87b-4127-b2c1-64233595441f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ Frame DC5A 13 KB
6 KB 179ms
179ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ff509fa49132f7cb1a96fea92c05f264c6cbe3db0f30c86556b4ee3d2fac9dc3

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-openrtb-version: 2.3
content-encoding: gzip
content-type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame DC5A 0
212 B 17ms
17ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=82868307364&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame DC5A 0
173 B 18ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame DC5A 94 B
497 B 251ms
207ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: eaae7fd570d3c78d170654f437f21270a86e30b8c15848768fc26ea4ed32f471

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame DC5A 171 B
558 B 102ms
97ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame DC5A 171 B
553 B 195ms
159ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame DC5A 348 B
383 B 118ms
114ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436495&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ccee78f3-f9d8-4e9f-98a4-6115e57064ce&l_pb_bid_id=165c6932fe9c278&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.698284303857962
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f5825ac29f071f6fd6c905cb938a4d44f6a9722cc218e47bfc1c6f9c951b8dba

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame FE69 0
212 B 18ms
17ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=40994717908&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame FE69 0
173 B 17ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame FE69 94 B
497 B 349ms
197ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b391eb9768ddc3e564a7f3419479d126d6b86ad59575ea29175af2e03b638a66

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FE69 138 B
1 KB 14ms
14ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

7fd3aacda0349881d7e23079d65bc4c1212af007eb0ce32d10fd2acf7468c2b7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: dbba39f1-b56d-4019-81b7-69bbc6913c2e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FE69 23 KB
6 KB 203ms
173ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e5714e0e3185c097d8c330264261e2e7fc43d0c9a79f386090974e30c24dea54

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ Frame FE69 3 KB
2 KB 165ms
164ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 7711e4f9c50ec1bb2b374b94dca5fc3d482d2f723e5f60e9e77ca7733cb5995f

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: gzip
x-openrtb-version: 2.3
content-type: application/json
access-control-allow-origin: https://fantoly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1592

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame FE69 348 B
383 B 140ms
139ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436504&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c82cdf89-2be1-4e99-bd86-01e09f0e4ffd&l_pb_bid_id=14d4bae2c492962&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6583776129838323
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d843d8be08806b05afad8e28ad9b80cd858a4f991140b52b82b30b0f8695d9df

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FE69 171 B
558 B 305ms
263ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 12E2 34 KB
10 KB 9ms
9ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 64ddd3f5853c316ce06ebe82b231e7c22035a240530089bb09411a342abfed12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:50:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77820
Connection: keep-alive
Content-Length: 10036
Expires: Sat, 21 Jan 2023 10:50:57 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E804 0
212 B 18ms
17ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=907118812&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame E804 0
57 B 154ms
153ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E804 138 B
1 KB 14ms
14ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

31bfaa7f6aa9aa7686af2c03ac032c867863747c39529c5b4a89feee3c083f8d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: ceec4bce-7c6f-417b-b96f-7776e7d98be5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame E804 0
173 B 18ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E804 348 B
383 B 138ms
138ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436512&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4313e169-a3bc-4669-8575-3c38e4498788&l_pb_bid_id=108374cc388fcde&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.017319781686737645
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ec54ae07875a287a0f69fd6bc907b4dd1524d6603b8928e10cc12be1c6456b82

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E804 171 B
553 B 317ms
256ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E804 171 B
553 B 194ms
94ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame E804 94 B
497 B 397ms
193ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 0e4a0d01a87fab9062c4531b8e5296246506528786803390e51abdc9257e3c22

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1D1A 348 B
383 B 125ms
125ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436521&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ad9122e2-a1d9-4e7b-b27b-26740b1f3e11&l_pb_bid_id=2f24d53b2d4839&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5310606314148092
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2af94d442e0c56914a288a07bf86165409a72ee0b70e02d64158d1b94be20d23

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1D1A 138 B
1 KB 14ms
14ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

fe35166e869b4eeb139597305451b81083684bb30293708c87ca3323d5a9d3a7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: 40f62111-c49b-4cbc-9c5c-b1153694a6ce
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1D1A 0
173 B 17ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 1D1A 93 B
496 B 408ms
186ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: f30a97547ee675c9ba7b5266973cce7a73500494061a64a5ac09d00258402e4a

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1D1A 0
212 B 17ms
15ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=4192109931&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1D1A 171 B
553 B 305ms
165ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1D1A 0
57 B 118ms
117ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1D1A 171 B
553 B 277ms
130ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F429 171 B
553 B 269ms
110ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F429 171 B
553 B 410ms
228ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame F429 94 B
496 B 415ms
188ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: d22d7aaa02bafb49995bc74a3ef409947f2c6f683c5e938ba5eac31ccecedf63

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F429 0
173 B 17ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F429 0
212 B 17ms
17ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=55013601134&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F429 0
57 B 173ms
171ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F429 13 KB
9 KB 118ms
117ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

1e1738df0e2529f1e01019a0f6175d547e98423ecad5425127a2afc30360d25b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b9b0bd55-f48e-4187-9db6-ffb6e8cc2575
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F429 348 B
383 B 125ms
124ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436576&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ee12ac44-646f-4cbf-9806-35f500aecd64&l_pb_bid_id=16db0dcfcfaa89a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4341512828384142
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ac8ee54c08e01d7714d06f20fe4fbf955af6c716ea49c791b0990cf0e6c5644a

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B68D 171 B
553 B 398ms
151ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame B68D 94 B
496 B 439ms
192ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 8cf992d7275dcdcba0cb89e42f507f5d59dd10fe8733a58941b5511e3d7aa66b

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B68D 0
212 B 19ms
18ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=23185952122&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B68D 0
57 B 127ms
127ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B68D 171 B
558 B 404ms
152ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B68D 139 B
1 KB 14ms
14ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

c5ced583077e6a90f756d0943e04f0929e5b7f5285e5d562b11c16bc09536d82

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: 2eb314a6-648c-4a4b-8113-215ae42c5302
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B68D 348 B
383 B 137ms
137ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436568&tk_flint=pbjs_lite_v7.19.0&x_source.tid=21e997ea-19ec-4f46-b713-c8fa8fd9ac48&l_pb_bid_id=14987c610713a1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04075915971790667
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 371e6ffb6f468b737d68b9069024bec7b38098365a42404349c79ad73de66c62

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame B68D 0
173 B 25ms
25ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 33E2 0
173 B 19ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 33E2 94 B
497 B 439ms
196ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 2809186a408396e05cca0a504d5d66318bdef09aad4e6c5f4ba3c304a4e84a82

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 33E2 348 B
383 B 108ms
106ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436598&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0c1bd36c-dbf8-4855-a3a5-6f6986e2ec33&l_pb_bid_id=6d1cb4a4ddc813&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6969036508638493
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bb4430fc02613f50979450a7b915c8b1271d5c0d4d93dc3c1a908f735c05ad2e

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 33E2 138 B
1 KB 25ms
24ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

176c93048d6e4ad7ce2ea504c4646c8ab47252b3fdd962e980beb9b51d17585d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: 66644ffd-68e5-4c66-afa9-78e553c50f2e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 33E2 171 B
553 B 412ms
165ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 33E2 0
57 B 115ms
115ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 33E2 0
212 B 18ms
17ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=67041001667&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 7AE2 94 B
497 B 466ms
192ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 589e3597c3a7dbecee6a445564f0a7481300e4b8ab3790171798fb5dc3a7dd34

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7AE2 144 B
1 KB 116ms
113ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

7c2f582cdab1e67bbe3f0ed75e57cdf8d064e8135ff668a527aceda289a9aed4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: 2efa29db-393a-4190-883f-448cc6918b1d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7AE2 0
173 B 18ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 7AE2 0
212 B 20ms
18ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=60215050796&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 7AE2 0
57 B 126ms
125ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7AE2 171 B
553 B 368ms
102ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7AE2 348 B
383 B 138ms
137ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436608&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7437d0b9-8bca-48f5-9168-062aabef81c3&l_pb_bid_id=142b718e01bd337&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2608519756308465
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cbfdc245e8d202a75b5d4504d8adab90e3bb7551b721444327832447358b20f4

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 979E 0
127 B 18ms
18ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E8C9 348 B
383 B 116ms
116ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436617&tk_flint=pbjs_lite_v7.19.0&x_source.tid=12ec98ca-c0c0-42a6-b1dc-1886b179b363&l_pb_bid_id=2107c77d4dd05d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9721293416072017
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cfc7436bf8bdd6bba4d393bacfda736473c62fc84d8be017401e641b9c1b8015

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E8C9 138 B
1 KB 14ms
14ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

84afc65635c9b25f39c1a5cad49bf38c93f350f66d5cf5e05e65d53b203bbdf0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: 72952f2c-e07d-4a8a-b8bc-1ee61f4faadd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E8C9 0
212 B 17ms
16ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=68150929429&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame E8C9 0
57 B 112ms
112ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame E8C9 0
173 B 17ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame E8C9 94 B
496 B 487ms
182ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 8ca8a20cee0ee74bf53cc72d3ad195db8e609e728c5dadd888cc23f2c70fa3c7

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E8C9 171 B
558 B 354ms
133ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ Frame B00B 13 KB
6 KB 157ms
157ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 8137fba880ed4665981d5a2341a51a48251484c4596cf2819e6afedf47343cff

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-openrtb-version: 2.3
content-encoding: gzip
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B00B 138 B
1 KB 23ms
22ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

d8c99507d1b3b23afe12380841b22a7833437bfa789a598a09f9b830c8746c1c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: d952075f-9913-4e2d-af9e-da4734c00ac3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame B00B 94 B
497 B 504ms
202ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: a3d4f74811e6ac589098fa9e426f91bce32026342587dca8fad72f6dfae26830

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B00B 0
212 B 21ms
20ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=17280092676&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame B00B 0
173 B 17ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B00B 171 B
553 B 403ms
102ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B00B 348 B
383 B 161ms
160ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436638&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bbe95655-7a25-4319-9b97-39e5a420bde4&l_pb_bid_id=1406c3c0e4fe155&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8180150888872768
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fcb8a7091030953eac429c76e56cf4b852b892946373380c4f762c5d386f21c4

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E94A 0
212 B 26ms
26ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=75116007907&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E94A 348 B
383 B 143ms
143ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436626&tk_flint=pbjs_lite_v7.19.0&x_source.tid=068fe437-a2fd-4a14-8b99-ea0694606ce8&l_pb_bid_id=4d92cb665c0588&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8243863252955577
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a13892c0c88b97a47f4449a62ceca6ebe649f96e51dfdbbdc3ca84d6e0bd8643

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame E94A 0
57 B 122ms
116ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame E94A 94 B
497 B 497ms
190ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 3cf56e31b9576b322738b8d1d4d9b3971c4a42489388464f92e052e5ec9d320e

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E94A 139 B
1 KB 31ms
31ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

dcc789c8a79051184cf8686bc1cfcfe58212c2ac0c9412c0e7b18c9fc17641a3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: ab0b2175-1fd2-47d6-b0ef-c0757250dabb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame E94A 0
173 B 17ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E94A 171 B
553 B 545ms
245ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame D41E 2 KB
3 KB 39ms
7ms Image
image/jpeg 13.32.27.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1674220736&Signature=fGGbnzKDqkkhV3YdtTnrBnQdo1CSEaq5pk5dqoualYo2cK270RgEpw41~jWbVwogCcAKoIfc0CcrT2kE9UXEPUxRECOmY1QZkTv9e99X~RkXe~rIUz2ANXvFVCkrnWuavWiAIbiloT~NrGoYKWuqO4x3qAObYazX1epWKDX1-~rSX531O129PTY80~zEkx4e7l246JGf~6EhJ738j5HtGUqOrD5Hh71~wp0QGXYBeo7EXCIv2lDsu6U-cKqt3YOXrodaPZDGRYFsZu5O6~nL4cyMH2n5BRTHki4URvjj4i1u8i77zlLYOUFJGjylAD8QMXiHC9RRfhrPgpoF9KmSrA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=0acfb692ca2f6cffe2599931941046a2%2F7358631765287902154&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674220436173&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9xbe9wegsk5nrz5xqz3ttdwfyc4b9e0511xqm7x7za3wxv9eygsep7j62hh91vz749r5hc6j05yqt8vc3y5z28zeqpw4w3ds4k197tb9w343bctm2v4arm3kebj18ddasgkekzvhsrawbxnx9q77k26p71pwp1a3jzwc646cv95k5c05a8vnb9ey49qfsxsej6ny71n3keave9kkzde1rz4zwgthz9pxss7ezk3qev83z8w20vcc3cyzy78y0d20qahc0spdpsr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUS8AkpPKY72aIoGIzQaa76KwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIyMDk3NTk0NjYyMjEwODnIAQmpAlHqQZ0NMbI-4AIAqAMBqgSeAk_Qx4WLPc2goNo7ka-N06sVl98G5LG9cbhqCHXoA2bgVyTY1C-w6Yr0pN2dH3cqDTOuLzG-NsoRQrXJPXduvTY36m5PLL4-3gChZUxn4G8lA8N6M7rW92AQb0CXAkfXt1pdYzJ8cnN_-HvNyHijSOl70T2wpIWCE9hQFOhu7T2pV8lFgqWm-8pyTBgSu9u71zENlvbjW2HgMeJNS32mTdACyT0T27lLNSTXuLBhVfNRzQb3Dl_TW6-ttp5x1mQkSdao3-hGOr3peESHc1_VDrOI4eOcvQAwXqbxmU-35Y3T9m1NJlAR_yhpoKgg5xp_-vLhEiVnxVQ9bUeM0b3uvl943QTvfGuSKrDuVcNH82cFuREWhmikj3rJDN_ettLgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-T1iZ8KH5EWfL4tcmo-V-TlA7ug%2526client%253Dca-pub-2209759466221089%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-40.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 20 Jan 2023 02:31:24 GMT
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 13:56:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 40616
etag: "66da632e2658ba90a2b4863be372b9cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-length: 2298
x-amz-cf-id: FpUtO0s9X5GfBwfD1c0HRgcPmGkWFY5WUWJsJoHuEcB6YmjSiDi5mw==

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7738 348 B
383 B 99ms
98ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,17b4a2aeebc4bbeea831,1,,,&rf=boxofficeindia.com&tg_i.page=https%3A%2F%2Fboxofficeindia.com%2F&tg_i.domain=boxofficeindia.com&tg_i.pbadslot=adpn-adtag-1674220436589&tk_flint=pbjs_lite_v7.19.0&x_source.tid=23596704-1756-430c-8f30-323e8a7ff032&l_pb_bid_id=224ad45f9e8e1b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38659756449404514
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 02b38e1f5a27bbcb66f0034bb4c913bb4a4a0aa5e31b24beea45818e5094bf92

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 7738 0
57 B 122ms
118ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 7738 24 B
398 B 477ms
138ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 62ac2d1053c4faf0e24e0b7fd62b827b2b03fb72d3d5246a9905aeaf2e553852

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://fantoly.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7738 138 B
1 KB 17ms
14ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

c7ea48a8e9ff62e50da8350228cd24bd66b83cf977266ed5871d8672690fdce0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: 4ad1b537-be94-4fd7-8476-db998b2f3aaa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7738 0
173 B 20ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fantoly.com
date: Fri, 20 Jan 2023 13:13:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 7738 0
212 B 21ms
19ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=17679796338&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Jan 2023 13:13:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fantoly.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7738 171 B
553 B 432ms
137ms XHR
application/json 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fantoly.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3666 0
239 B 482ms
97ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LD4JM9IQ-1U-C90C
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8BD7 42 B
64 B 139ms
138ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQV2juzN5Lm62rnPxt1CWFY7DzRZiddWBtWWCf2zZHCJ2_k0pFi9wsphrY680Z8TBWNBpv52AyW478FAgcVTFJPa5WFB39KWZt8-wgtp13Lzwq5BOj&sig=Cg0ArKJSzPyDwaGvKhZFEAE&id=lidar2&mcvt=1155&p=253,980,503,1280&mtos=1155,1155,1155,1155,1155&tos=1155,0,0,0,0&v=20230118&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=210909084&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674220436047&rpt=117&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AC54 42 B
64 B 149ms
149ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLEIV_cOpg2YGOwoy7xYeR8lgSJtgiyYOrj6PlI2D6pCkuvrSDNyARdyNmM-qZNxz9JY5ZWA4dGKrFxBjeqPev-9nc18SYYTyIrc-YcjrTPyhlYRgnVJzCS6EuaI9BM7cXYowsRQ&sai=AMfl-YQiw12DPtNXYhrekYVozcCrossgvJ7MdEc4Hvju0OuB0f3u3oF3mJg-paODTZRFdO6GauRF_ldxqTjw_6O_rSRMMrYqUdQk6Fp8H-NjT5FgxCjoDl2OFRgUiqK5vxE&sig=Cg0ArKJSzDijOYSFadU5EAE&cid=CAQSPADq26N92Q0EoQsrBc4SiJ5wD-wFR9Haqdtb5234xPTpc86bzUFNdk-x5xFBMsNr5ROmtBqUugp06oqR4hgBIBM&id=ampim&o=64,179&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1238&mtos=0,0,1238,1238,1238&tos=0,0,1238,0,0&tfs=939&tls=2177&g=99.84375238418579&h=99.84375238418579&tt=2177&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 75C4 42 B
64 B 149ms
148ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7w2p2N-IoKnxgCcE6idhEbgwiMD4wij4iU9QtOmIXIBC-7x1YoJCMarImpgEwAMiVIofh-VqoWgE2SkQpkVv1JXwXXV-ozehPgIHrvlWN9MhG13rRgq1izJEaLj1NN9eu12V2Eg&sai=AMfl-YRnWznfqvogL1-gxA7j_kDnn1niiNDYiK1M1FHDYdX9WbmNrufmLqIWaZaImGsmBQimBKArvVGobCV54IgGgWRu-HecIN6Z07ulaLz239JlNZKcP4gZB_6pz1xE3pg&sig=Cg0ArKJSzNUYTYQ65B1oEAE&cid=CAQSPADq26N92Q0EoQsrBc4SiJ5wD-wFR9Haqdtb5234xPTpc86bzUFNdk-x5xFBMsNr5ROmtBqUugp06oqR4hgBIBM&id=ampim&o=1376,179&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1224&mtos=0,0,1224,1224,1224&tos=0,0,1224,0,0&tfs=944&tls=2168&g=99.84375238418579&h=99.84375238418579&tt=2168&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 81F0 17 KB
6 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:57 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 12E2 0
239 B 52ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LD4JM9IQ-1U-C90C
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A6CD 281 B
127 B 76ms
74ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARje4Z3cATAB&v=APEucNUOo5RRiLa-vKjMminz291537e8pLbwiON8f13V6YIa1kkwmhybeXt7QkP0AiFPqxmf-o2fiwThKwg2Lw8o-ssm2M8SAxG2FKOG6g2tGr7qPd7UyyQ

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:57 GMT
expires: Fri, 20 Jan 2023 13:13:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 07C0 76 KB
27 KB 106ms
104ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 20 Jan 2023 13:13:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07C0 42 B
63 B 138ms
137ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAgru_qLXmP0wUfoIVi14N6pHprKWOvIA-djo3ukdarlTm7hqVNy-g1c_deuFKbXFPBQePLf3SEguppzZqDeMWG9d26kkDU39QRBHzJo3Qwze1um0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07C0 0
20 B 137ms
136ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16456944598518879396&x=6&ct=76

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3666
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4nh2lcBnRFa_-Z_Z61zmbw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4nh2lcBnRFa_-Z_Z61zmbw

43 B
479 B

115ms
114ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4nh2lcBnRFa_-Z_Z61zmbw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2BAYXCZ9G636K69JSZGK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4nh2lcBnRFa_-Z_Z61zmbw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3666
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=byf_Ots9TnyLwYw0QG0GIg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=byf_Ots9TnyLwYw0QG0GIg

43 B
479 B

35ms
35ms

Image
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=byf_Ots9TnyLwYw0QG0GIg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Protocol

HTTP/1.1

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T5RECYS9S8AR1K77XZHD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=byf_Ots9TnyLwYw0QG0GIg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3666
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL4rV4fL7M9usYN4belfTzY&google_cver=1

0
239 B

8ms
7ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL4rV4fL7M9usYN4belfTzY&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL4rV4fL7M9usYN4belfTzY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3666
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0Sk05SVEtMVUtQzkwQw==

170 B
188 B

73ms
72ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0Sk05SVEtMVUtQzkwQw==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0Sk05SVEtMVUtQzkwQw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 3666 0
214 B 35ms
10ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 3666
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD4JM9IQ-1U-C90C

0
707 B

156ms
117ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD4JM9IQ-1U-C90C
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 07371AB63DAF4EB1AA3161D2B0F7638A Ref B: FRAEDGE1105 Ref C: 2023-01-20T13:13:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXysdJ1eTX0LmMc8odCZA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD4JM9IQ-1U-C90C
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 3666 0
214 B 34ms
9ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2249&pt=n
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 3666 70 B
264 B 33ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 container.html Show response
9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8BEB 6 KB
3 KB 49ms
49ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js?cb=31071686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:56 GMT
expires: Sat, 20 Jan 2024 13:13:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame B60B 34 KB
11 KB 112ms
9ms Script
application/x-javascript 2a02:26f0:3500:8::c16c:9916
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:8::c16c:9916 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 35d191785fc8f1252e3afdc562f8fdbc434022eaa63097d92f219b7f64a32a55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Jan 2023 09:09:12 GMT
Server: AkamaiNetStorage
ETag: "f38d4704d1a6a5404aa3c4df730139f1:1673862797.23408"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11221

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame 1FEA
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://us-east-pbs.automatad.com//setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Y8qTlPrPOTdNYmcwg5owlwAA%261201
https://us-east-pbs.automatad.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Y8qTlPrPOTdNYmcwg5owlwAA%261201

0
869 B

95ms
93ms

Image
text/plain

143.244.214.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Y8qTlPrPOTdNYmcwg5owlwAA%261201

Protocol

Server

143.244.214.118 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Y8qTlPrPOTdNYmcwg5owlwAA%261201
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 121
expires: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame A6CD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEM9jxM_0pXaHk7jjBaJGvC0&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEM9jxM_0pXaHk7jjBaJGvC0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=26aad32673f45bd6c6c62d26834974c4&uid=26aad32673f45bd6c6c62d2683497...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
264 B

35ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARje4Z3cATAB&v=APEucNUOo5RRiLa-vKjMminz291537e8pLbwiON8f13V6YIa1kkwmhybeXt7QkP0AiFPqxmf-o2fiwThKwg2Lw8o-ssm2M8SAxG2FKOG6g2tGr7qPd7UyyQ
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
Last-Modified: Fri, 20 Jan 2023 13:13:57 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame A6CD 170 B
188 B 70ms
69ms Image
image/png 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARje4Z3cATAB&v=APEucNUOo5RRiLa-vKjMminz291537e8pLbwiON8f13V6YIa1kkwmhybeXt7QkP0AiFPqxmf-o2fiwThKwg2Lw8o-ssm2M8SAxG2FKOG6g2tGr7qPd7UyyQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4643 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 751
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:01:26 GMT
expires: Sat, 20 Jan 2024 13:01:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2B14 783 B
535 B 74ms
74ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

83879088cda875b2df7b55362cecd6ed37469560643bee2decec3ccb556b29bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qp9y0UaMMpWRkRJ0MTBqzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Qp9y0UaMMpWRkRJ0MTBqzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:57 GMT
expires: Fri, 20 Jan 2023 13:13:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07C0 0
20 B 136ms
136ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4051697790488&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07C0 0
20 B 137ms
136ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4051697790488&version=m202209210101&ct=76&x=6&cor=16456944598518880000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 07C0 70 KB
33 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwmHvVrN7PxBX5_SCtOD3O6vpFUIb56W3WiMJ72QjF0zIAXCROtqqXW8nOZ8OmydNK9uQmTv-XjgRPbzPGhFScDi-yKAbfo3mJRsrjanseEZ8Kpyl16YGnsMYbHj1odOQmKkyvP0FZgbx6ULkxUyeDREH_LzOWPWWtWZXuWvEIsBW2A3M&dbm_d=AKAmf-BNHWzUK-BKQ46MPABxT_nBqj4AzbOLAaR6oavLsalFYhVeXP1ifKUfPNhyijI_RiVXgkN_-iN8sqTr49hgQI6au9eJ1KjMPbkJrE4PRUHNhrYzezgM2SAoOsm19t_Slp6J0KjSDh59m2EcO7haMi6sdMpDO1IAfQIikXT2uRf27EsFc5mOf5hfIXE7LVATpSMZPj0MEFYIo-9y9syMAec8qL_8UmmL5Kk4tbZTLZIinbiIYMlLL0szwKK2mlVPzYappShn9AjGQr_IVyv_tZUY77-r7aGtfkAoM2Y8G6_SgC9VyGpGExOkKVy-Fph4mgSBd52YNRMvArCXO0PpPlNNrG5Gwr139wnOop70GHZKgUZBKweok2K6Fz_5xgfjNGNg5b8Zh5Q77S0B5WC2a7quDntJhxJngZNnDXHE6xM-mZ9ffehv3Iuz8ByXnq6z36rNpLFSyYkP9c13cf7vIRTWPcKkaewYw3WdgrkYgP6IjQIFQEmd9EngPGfW8mcRCdRhEnPseyd8bOzBd9YadkVhmQG_8dUj-viDUU484GPio_Ge8USH9QdwwR3mz3W6vK4So76VcOcmIsTPY6xwaIwo0ae1-B5jXMDWUfusHYOPXAd4SeqW4uTHwStFArIKburmyllAf55LIeSfYmWpnWUP6-LawTeSX3MhMNT1gJ02A0jpEpvDSHjd-szFs5wtyfIlWNi1HvOzzwOw4qTtgZpR0W0YSH6yoWtMdsi4rQJqup8M-nlwg-a_Zv0AxC87DIyAObaBWOMVkVglrtkSrT43KC7tsxpoZnt8O-q2cZnBRdBoCO_7mN145_Q3dxsbFFnD9dYXbyb-JNkdpztFDmRlIWGg1CE53kbQEjxrYdAe2GIKQy9JWkiRHZ-yKbX1neK8iMvAcRfbTwq_JphnH8lB_hJdlAPnuQwkDpjlGdDwjYne-Mw69HYt6V5S1P84MI8g_uM6y0SqawMY0QyFPzPs4Sxm627ng8pHKq6hY8OnvhQMOzHhACuvdMLUF3LYtF4kxtBwO5ut4R9RIZvq9KdK3roy50Z0F3pHkdkD6x7bO859HmRRoPYEJLw2upBCT1nIs1XwFURaQ_IrV8fTMsV3JZB4kPDVIn9K4tPODBTsSxIR17hDb8n7PW3SFVMVjXS0HPD7QdAWSbBIguSIJ2C1DqsXAOQ38ICXc3DCADbPH0OJRCvXLoVADjy7zjvPgevqKR2sRS98i_ytjzIjVJAJyzkbA-6lihVT9rLJwhvwgkr96mco6RSl_4tDrR0jxhgqeFrQfJ6dMjSOYgp2EEKSAXKHtniSDyLHAoNFTczgwoXpgHLvIa4JCePkVU4EcuAZt3CuaCS-fCWdWtlQHOekzzttHDYR4K8zIkFDhvN_6OyPo6KWVmviEumhcyXVs1Bj_zA5cnpbtUOlie3UOFQuo3-9QWiZl8Vsh73uyPMD2_zU_bv8pkaU_RxOILtxyA8X-dZA_m6PTHjk5zOsxsPRtKpkzInnx8WjmGPJWc4lk7XnEZgV1lrkJLmeLmb0cBePLeoDygWV0z-IDUcbGN6qbjMrscOKD93v3cXH9Fi2CJ_Flom-rEq2MJUKMoAVRAPILlhxxFUXlNeQIJlrBFOq3uvW2NTfpFmlr4VO24ObrPTxMqV5VlZ74mrpgonxsrTwhIK4OZiconTaWmGN-0YvMsm4sc-jWt5209Vi2UbmzEQotoziYWQobjr4pOvNhhho-6UUJsxrb1hIeiCh182bZIeOOLHGOk12_j9re9beJM0CCzhU7mH69UxNt8oVne_pTNZniCbFZf_mdKHGY18kdV-5ChC5C0INQRcA3mDNIJlj6805lzBaDwVnlD7fUh818fIkqAcikF3lC8ZO5drsE63CYrEX0Jqi6OhNxk-xGNuB1lYZZBV_nZgUiiO1h2E58fysMGINMB9vMEYRzPjo1ek2v6khJJJQtv4xEBx-irCVwGp7OWUegYo0L9Ea83ZHFcmR0ggyFhC7hjF_zPce9RKQrs0FxUF1OcI2DuC305aMXPQJzvHUosXMlBG9zDctRKVuq2axDg4OYXgWI_gMhdZJKHrjHzwQQk3Y_4pcE-kmpWwDl1AWKdE3eNQE3P8TkLSdDkgDNc3QFoiSeZsLfMbdPtVQYVSQDOH0WPAfOYKum1UphhO3hZwjxNfGZadTzb8LDVbV2vPl0GVTvYhx1mUX1e0yTfZ1wMjvVs0ZL0KSCwEL1xARlGoIMSfW3eFi_zURZPiMOGN-4Z17jZS8RyJf0_f9Z7oae_Nef7DLcxUU_oB6TkrMklwLNLLRXirSJZeXtgrlwjDitJpLMVY5Gs9hQFQ7K6VWmCfR9OxswyLv_LdOkubWgNLS1djAAP_Fx3gq3NRo7XtnWroySFaS9G6BwnDJkRdHLY215vv72j2h4YLCwBBNKVW8Ldq6SoyINpic4CuLHCEeS-IBfBAqkhs5tKqocd0RuulqqG5Ym4rn322OA80bbQQhWKhiy4DIMHkHZFIzau1YujRb5qxCJWak_X0f-yTNNnVi8FL-FiTGqIp4ejC69WvIFZV2Dlr7QVVvHg1C5cbj-6nqOKxfRtD92YVnG0xd7iPr54YFIjBRv-KzFhxcQT591rCOe3NBsOnAX-iVbXLJ_P5zI2fbqfhq9hZk0vx_2Ttb0wKvJ_YEZky-N08msjx-cKtVF5ana3_t7gn-DZW7oHq0kKe5AKIPPdx8hAeaLkvGyMfsXQKs_stZCudFp-kjF3a230mA6ddICT43XqWwCRPGoBd4DX9ewglxErsZuUMUU98dNMhgdCZlc7P0eZuy3kdLhjRCItL7GdChBWzISdQKNv4XVKLV1Qu7KiSBrLbUtJ4MCg9HpZdx3otzRnewyWIcK3_ogMVMW2uelicLqWWmsIJM0bselVb3-0wAi0Tkdu__h4D7ge9Bnh_jOmFtoCwwBGRgYK3OIKTHBIXRG-vq66Qm1PZxsHtPKDmWayBpvxu_uGsm16lC3ArgpjyUD8B5aX67RbdPf4D_QVy7a8fLsrdHVeJW4jOUpk5Ch7jpsf_p1oQ7OKJ9kdoIktLNMBU2wjws4PK4TPC6CWOU42yRNArtCCxF7MsG3xuMVag1I2_SxtyxNanphQhJzhL70-FPsj9O5tXLCtUHXF6T0SOiImNJiAoI5NYeBZYcHGtPYqCTf6x2FP0xJrsARZQaq-i9Z4kEUETe5-ym49SFkyRGEReMDj0S1Gxc1oXMPWNZAOoplFZOQojSBNwiz6BTgfkhFeCr44Eaj-aHeLooWYQ4_LSpdnv6HrGyqNKbaDXXBlkL6jUV3uV2CIF0bU3lVKQqT_fMNNbS&pr=6%3A0.068444&cid=CAQSKQDq26N9b3_r1eUOg1bph4Bu9nKCPrBIFRwJi0f0T0cot93FcTRZeDivGAEgCg&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjM4MyZzaXRlSWQ9OTU5MDc1JmFkSWQ9NDQ0NDg2MCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTEwMzc2OTY4NzIxNzUwNzM3Mjk4JmFkU2VydmVySWQ9MjQzJmltcGlkPTgyRDUyNzQ1LTU1M0UtNEE0OC1BOUFBLTQ1MTc1QkNFQjlDMiZwYXNzYmFjaz0w_url%3D&dv3_ver=m202209210101&rfl=https%3A%2F%2Fboxofficeindia.com%2F&ds=l&xdt=1&iif=1&cor=16456944598518880000&adk=2843392977&idt=123&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d029c2395308721f666b5400528923a73083d0c3d856a950abd36fedb04f069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34184
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301041800000/ Frame 8BEB 221 KB
60 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs

Requested by

Host: 9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com
URL: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61740
x-xss-protection: 0
server: sffe
etag: "8e9029bac2b10828"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 8BEB 15 KB
5 KB 96ms
91ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com
URL: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5230
x-xss-protection: 0
server: sffe
etag: "98e8559bf0300638"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 8BEB 94 KB
28 KB 96ms
93ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs

Requested by

Host: 9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com
URL: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28829
x-xss-protection: 0
server: sffe
etag: "80143a542ab189b2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 8BEB 5 KB
2 KB 106ms
102ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com
URL: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "c26873ae23a2dfcc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 8BEB 40 KB
13 KB 108ms
104ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs

Requested by

Host: 9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com
URL: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 241604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "a53f7d5e2894160e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8BEB 2 KB
2 KB 43ms
40ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: 9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com
URL: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 05:07:54 GMT
x-content-type-options: nosniff
server: cafe
age: 29163
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Jan 2023 05:07:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8BEB 295 B
319 B 44ms
41ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com
URL: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 09:50:10 GMT
x-content-type-options: nosniff
server: cafe
age: 12227
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Jan 2023 09:50:10 GMT

GET
H3 200 8468852292041225572
tpc.googlesyndication.com/daca_images/simgad/ Frame 8BEB 38 KB
38 KB 46ms
43ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8468852292041225572

Requested by

Host: 9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com
URL: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f76f598312083e2a5feccb527812cdecaf1458382e8ce50f64594c8d1d982a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:08:55 GMT
x-content-type-options: nosniff
age: 97502
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38725
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 16:13:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jan 2024 10:08:55 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8BEB 0
0 89ms
86ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCMBWlZPKY-UVpKvMBo3ngagC4oWguW7Bu9Lk7g6_yLScnRsQASDW5sVYYJXikIKgB6AB67K59wLIAQKpAiegejTUULI-4AIAqAMByAMIqgT8AU_QUOmGUDBeYjWkk03IgfFLCCtsWwH6xKXw-wCjp2sxU8zsjmzeXdyX_9bBjq_ePnm6dOr9bBLrZd3-he9chwKGS3Mq8e3AWYsyrNH-fLtv-sk4Pp8LVOcq0SJPw5BPtH204qljRzkFZq8jx-cXLBbPiojX37ZnUjnc2sZuls3C8xUjqkWKoIkAuAqVBdUphDPNcJD3fGsIFG1S3o5vrRynds_9BwOaty7r-J46mC9rpw6piLSVhgTZ7pgoqsTccMJLzEwNeWSKKECK2mCNGgw-ZfdG_a3P7fARRYmJjOtWPlnvd2XnQOopkEKSM9N16AsLRkXorRK-tsz8esAEqZm4k-8D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_3MxogBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQsaEK0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMjEyODc1NzE2NzgxMjY2Mxjc7Wo&sigh=xIALjJapsk4&uach_m=[UACH]&cid=CAQSPADq26N9cRvzlFAfCgid9vxjqcG_3OQP4qrAYaHkyyUkeMz28OC6h1TzrVA-QaMkrax9qXSiK8b8HMcrvBgBIBM
Requested by: Host: 9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com
URL: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 200
OK d722cc76-15da-42e2-bb57-7751fa205168 Show response
dcdn.adnxs.com/renderer-content/ Frame 5FC0 10 KB
4 KB 31ms
7ms Script
text/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/d722cc76-15da-42e2-bb57-7751fa205168
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: bfc0c5219f83d36b5479e23a1ad0f2a7d6e8270b34a5067748e341f2b997337e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: gzip
Via: 1.1 varnish, 1.1 varnish
x-b3-traceid: 95af3afc9331a61c
Age: 37033
X-Cache: HIT, HIT
an-served-by: hbapi-proxy-production-7858c695bd-q7j56
x-envoy-upstream-service-time: 6
x-b3-parentspanid: c79cc388451ecfd9
Connection: keep-alive
Content-Length: 3011
X-Served-By: cache-lga21957-LGA, cache-hhn-etou8220063-HHN
Server: nginx/1.21.3
X-Timer: S1674220438.645379,VS0,VE0
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400
x-b3-spanid: 59a5457bc1d4282f
x-b3-sampled: 1
Accept-Ranges: bytes
X-Cache-Hits: 16, 249

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame 5FC0 80 KB
27 KB 45ms
11ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires: Wed, 10 Jan 2024 21:27:38 GMT
Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 834379
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27455
X-Served-By: cache-lga13620-LGA, cache-hhn-etou8220025-HHN
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
X-Timer: S1674220438.659178,VS0,VE0
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 60, 1687877

GET
DATA 200
OK truncated
/ Frame 8BEB 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf3f1e0a996116debc5cff30f364e005c3d1175fc93de4b3b8cbc3e971a30a90

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 22ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 2b4ea37ec31f94cc477c23b52eb3602b05b321f6e629109cd138aac2fa081eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Content-Encoding: gzip
Age: 593
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 29165
Last-Modified: Sat, 14 Jan 2023 01:47:45 GMT
Server: ECS (frb/67AA)
Etag: "1f7a9d98d378a9b1ef4dcec793a1c434+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 362C 531 B
881 B 71ms
7ms Document
text/html 2a02:26f0:3500:8::c16c:990d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%226862cdeb-d9b0-43df-b8e6-cb577199a3dc%22%2c%22adomain%22%3a%22nivea.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%223441585%22%2c%22dsp%22%3a%22109%22%2c%22buyer%22%3a%2278933%22%2c%22cid%22%3a%22%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%226147770946556674227%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:8::c16c:990d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Fri, 20 Jan 2023 13:13:57 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Sat, 21 Jan 2023 13:13:57 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 2AD0 1 KB
1 KB 72ms
24ms Script
text/javascript 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60438838;rtbwp=3A5C64705754B0E6;rtbdata=tod4paA22JRETz6N6BMBaVK9p0JY1HwAy-GRy-_gRRifnBWVWvBaGtZ5GMsze_QRJSfrJiyjckBtoDIkcHywho8c66ILWHw2uEZz4T_1OHCUfHG70GN2BEjHa9bDDW-6W57wu2CMkJY42qreeFzipPuFoDiXg-sf8LC0ZA03B-RIiVI_NKzWzcyz6gHPsuTysKv56gpmpZQ9PnRhVY0mMIuAWRge-aLE-NQRgyeAjK_dIeaxBlhqxs4e6UJ19UI75650FB0y-X7KaA687ag4nVHD2KD_2Ifv0;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/ams3/0/12b2855f-72d8-495d-978f-a273f3d53fe7/

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8ea447b90b446545113703e5021edd9b03d7f38fba083667e1be5c0129a4952c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 921
expires: -1

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame 2AD0 0
214 B 11ms
9ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=LD4JMD3E-1O-3PC6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 2AD0 43 B
270 B 69ms
19ms Image
image/gif 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=2949098108415967098&tmstp=8814790811&ckid=1321010165453093258&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d95%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d6266%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d6274%3b%24wpc%3d6278%3b%24wpc%3d12098%3b%24wpc%3d12081%3b%24wpc%3d12001%3b%24wpc%3d11995%3b%24wpc%3d6393%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d6159%3b%24wpc%3d6163%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5980%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5810%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5778%3b%24wpc%3d5779%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6197%3b%24wpc%3d6198%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6213%3b%24wpc%3d6214%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912&acd=1674220437158&envtype=0&opid=aba14223-16b7-4c4b-a3c9-5d90e92652b6&opdt=1674220437157&siteid=555020&tgt=%24dt%3d1t%3b%24hc&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fboxofficeindia.com%2f&cappid=1321010165453093258&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=474129451314267059&rtbh=2bac003aa36555b988c7715089badb5ed29a36e4&rtblt=638098172371609624&rtbet=0&rtbptnid=109&cftgid=a8062c045226
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:56 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
track.adform.net/rtb/billing/ Frame 2AD0 35 B
210 B 71ms
25ms Image
image/gif 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/rtb/billing/?bn=60438838&rtbwp=3A5C64705754B0E6&rtbdata=tod4paA22JRETz6N6BMBaVK9p0JY1HwAy-GRy-_gRRifnBWVWvBaGtZ5GMsze_QRJSfrJiyjckBtoDIkcHywho8c66ILWHw2uEZz4T_1OHCUfHG70GN2BEjHa9bDDW-6W57wu2CMkJY42qreeFzipPuFoDiXg-sf8LC0ZA03B-RIiVI_NKzWzcyz6gHPsuTysKv56gpmpZQ9PnRhVY0mMIuAWRge-aLE-NQRgyeAjK_dIeaxBlhqxs4e6UJ19UI75650FB0y-X7KaA687ag4nVHD2KD_2Ifv0&winparams=h3kdUK0faGdxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdm5aTW-oceknmpCQbaMNwEQNpCBKuUw0J-JTmKJ0v79Dop8vKdaTYD1Ba59SIb206W5xpkvVmfhJHOh5UEYCcM8w2

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
expires: -1

GET
H/1.1 200 12b2855f-72d8-495d-978f-a273f3d53fe7
beacon-ams3.rubiconproject.com/beacon/d/ Frame 2AD0 43 B
378 B 111ms
17ms Image
image/avif 2602:803:c003:200::27
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/12b2855f-72d8-495d-978f-a273f3d53fe7?oo=0&accountId=16114&siteId=237604&zoneId=1402360&sizeId=15&e=6A1E40E384DA563B091254E77E47C318669F7DDB16C40E172BF39BF3709E0764CCFBE1F8DD48C9D58D6C2CF01A3465A07B64F388DB70D0E93E8EFC060C94DDBB10277079D300F5B051294125B3591080510C5D014208426EE44AE2C78DB88AF2BC96686B49B5214DEB529D0FD8A712466A74EC9CF0645C3E9842D076337A2E0336D500469DADE97301B161855D5543C4DB36492CD3B0E6357F23F15B9B3F7B9B498DADCDDC3D28C627454C414D63B2C4CEA681BF473149A4A6BE04B15A229EF712DD30017047E512

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK r
shftr.adnxs.net/ Frame 5FC0 4 KB
5 KB 114ms
42ms Image
image/png 185.89.208.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shftr.adnxs.net/r?url=https%3A%2F%2Fs.yimg.com%2Fch%2Fafa3a641-b809-45e5-8127-19f1cbe2f16c.png&width=100&height=100&crop=1
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=xsldxodt&e=1216403959407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.15 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: shftr-ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: 3cb62a32baccce6b1e950700ef911e594d506746eac4502305166c577039a761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:57 GMT
Server: nginx/1.21.3
Connection: keep-alive
Content-Length: 4542
Content-Type: image/png

GET
H2 200 get
choices.trustarc.com/ Frame 5FC0 739 B
1 KB 71ms
7ms Image
image/png 65.9.66.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=xsldxodt&e=1216403959407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-43.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Sun, 08 Jan 2023 09:24:08 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
age: 1050589
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: X3zN8m5EX6rvGBmYOTC9Wm7JI2DwWBRNnGWdXKTjo8bFNukx7EcqqQ==
expires: Tue, 07 Feb 2023 09:24:08 GMT

GET
H2 200 459bfa4d-f8e7-455c-9326-8c5a68b3f954.jpeg
s.yimg.com/ch/ Frame 5FC0 63 KB
63 KB 79ms
28ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/459bfa4d-f8e7-455c-9326-8c5a68b3f954.jpeg

Requested by

Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=xsldxodt&e=1216403959407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

786755a3c9f0313ddbf4fcb95a90d3e2c716deb10d7562a55309ac7040782044

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 15:15:36 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: HJCV4AVSZE7VP236
age: 770303
x-amz-server-side-encryption: AES256
content-length: 64064
x-amz-id-2: XyFVfCexsCibWOCLhZOombrUk7UOgc/PzDZA4f0w/WYH5Y5PvA1VVQQGbsz1sSm2STmrL3FS9nM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 23 Nov 2022 15:45:17 GMT
server: ATS
etag: "6e3ce76c825e88a46c844cc5aa157e0c"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/jpeg
cache-control: max-age=15552000, public
accept-ranges: bytes

GET
H2 200 0.000529
pn.ybp.yahoo.com/bw/appnexus/imp/R4cltPXnBF_3njiN4Q_QfBpZ7mDs0q6qi4iJ5fnnv4t7RPKoyFa1BDuKinsZZkXBPqc43QLlRSVf8tiBkPa0QlUPJJuV6-vyV_D-KuPKVaGTWAiVdgaPxE7agjb7eFiEIHwIZkCrUfxWIx7BelP_Zh6cTwnPUkO62Kgc... Frame 5FC0 0
365 B 112ms
50ms Image
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pn.ybp.yahoo.com/bw/appnexus/imp/R4cltPXnBF_3njiN4Q_QfBpZ7mDs0q6qi4iJ5fnnv4t7RPKoyFa1BDuKinsZZkXBPqc43QLlRSVf8tiBkPa0QlUPJJuV6-vyV_D-KuPKVaGTWAiVdgaPxE7agjb7eFiEIHwIZkCrUfxWIx7BelP_Zh6cTwnPUkO62KgcXcNc0RL9cbcu3MkSiCaC0Uust4qLCyb02xi38AEWG10apQwBDxDBR1qPbjYEuHXgp-otkEaPgNXCsctWUtbHqAxgpSurbJS3EQOexWnpDpI9bMApLHLUub79YkPNuq_de1e0mfDDFWthScm-3YQAfXuOuTb4IDp-UjmGo9i7So507vlfTLketEXM6QXDjfIZ1Cvw_LiicAOjI4879HzEzVIH16w2gHMdvH0suXDiB5pl_X0d_tDu9XNAR1xCIbpMGjhG6EL5iWcbKxTVqHTaqSpqJFyLZqEkWWx_JblXJZadYuYnZyccRCfJnEV_rK1kCj-Im2MYbCp3yCB5z3s2MAs_QF6D34lq9678DAD5zpgcQQKadReOBokQ1RR6HKpfPBdEI7G60a_WINdNw_b2PFf9k0SqMWnUAwkvNFOdjnIGfXARJMmBJQgOSpo3S8r6LBnpyQlzwQ1ygu_Xd3CWsCiFnB5fyVuxVEHOlxU3Mx1D_ZKmJDmbYuLGdKVjSMnfPpJmtPfZmqzajO6Cxk5kcch80nkANdw22gWPBL4At0tNtrl_ymQe36vlEWKPnrIlWUc_Ki707zJiT9ywTvGGmaWG1NZhEm3OXzo-2Wbuq2Jm2SvLM0Nh0UQaOB0eholpRlcv8HE9RR2U-YiwHNu6Nv9YgesUvJGKJmivS7oM1FLf_c1L0wbEnSfuQXrt4ccS4i0x3UqBAxRAXvBUKENRR3x8LYV8d4LvFn4saOtbGJ6TWyv1Fhi9oNTi8DAnDAxFQEJLPy6RxLqrMBhjfpPsNBth0xP4Fk88i8wISKWSLOxgNmT9OreqihIiu2h8ILO9rY2ggl7rYP9BywiQgAkPDyMaV6RRRHtf0PAR8qCcASe41-tTIRaGMurIU42v6B6Ygl-fTfBPUqdo6eiQUPJvII70008LAhCBTk_6Qp9GnYh9YsiMi9NkjWzI_PmCmYy2XLTiN2cCU_MUHSEekKugLNB-RUxTQfVTr2cXcWdGlcsKb3CaWX22HtihPHazQSL1rEB45IEEYr0idD_6ScHXVHPWT7irrBq_wBy7dEUNnwRq5adkgK4yHw4EBidhLUWFyKnJUUR8-6pKcDjESH10NPqN4zRxmV_MusfleuaOBItNxt7Dnjpmlwiagivnmenga-SoO0qc_u9vdt3QTGP-RSZYKamjb6LFPqbFwTmZ-yhROUjCVdNIBnJgpRSRuhtR3AL0aS7VZ1geKTwFBOV0Y9vbI2-l_FoiXsCyrYVBTUITptTAMQ/wp/0.000529

Requested by

Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=xsldxodt&e=1216403959407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
strict-transport-security: max-age=15552000
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 5FC0 0
935 B 59ms
15ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fboxofficeindia.com%2F&e=wqT_3QLiBPBMYgIAAAMA1gAFAQiVp6qeBhDFyI_Cnb-5iSQYhbLs8JS359x9KjYJsPPK_t1YQT8R-jHC8iNqPD8ZAAAAwB6F9z8h-jHC8iNqPD8psPMJJNgxAAAAgD0Ktz8wpoz0CziYUECfF0i3AVDKxLTEAVjhiZgBYABoi_m1AXiI8QWAAQGKAQNVU0SSBQb0dQGYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCG2h0dHBzOi8vYm94b2ZmaWNlaW5kaWEuY29tL4ADAIgDAZADAJgDF6ADAaoDTRITMzA0ODYwNjg4ODk3OTIwOTQ4MxoTMjU5OTM5Mjc5NjE4NDE0MjkxNyIJNDExOTAyNTM4Kg1PQVRIMTAzMjcwMDAwOgc1NzU4MTA4wAPgqAHIAwDYA4GUFOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMrEtMQBiAUBmAUAoAWw8r7Pvp6w-SjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWxmkn6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AG6JYD2gYWChAAAAAAAAAAAAAAAAVBoBAAGADgBgzyBgIIAIAHAYgHAKAHQaoHBzI0MTIyMzXIB4jxBdIHDQkABS4AAAUwDNoHBggFCWjgBwDqBwIIAPAH7PsDiggCEACVCAAAgD-YCAE.&s=0a6e976c930c4636d3dfcdcfda120dd02314bec2

Requested by

Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=xsldxodt&e=1216403959407

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: 91a4c3c1-49de-4827-a7a8-540347bc8d13
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EC67 52 KB
17 KB 14ms
8ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2036922
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=xsldxodt&e=1216403959407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 23353
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 20 Jan 2023 13:13:57 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 375558
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220093-HHN
X-Timer: S1674220438.707624,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 5FC0 0
935 B 56ms
14ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fboxofficeindia.com%2F&e=wqT_3QLwEfBM8AgAAAMA1gAFAQiVp6qeBhDFyI_Cnb-5iSQYhbLs8JS359x9KjYJsPPK_t1YQT8R-jHC8iNqPD8ZAAAAwB6F9z8h-jHC8iNqPD8psPMJJNgxAAAAgD0Ktz8wpoz0CziYUECfF0i3AVDKxLTEAVjhiZgBYABoi_m1AXiI8QWAAQGKAQNVU0SSBQb0YAiYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCG2h0dHBzOi8vYm94b2ZmaWNlaW5kaWEuY29tL_ICowsKCElNUF9EQVRBEpYLUjRjbHRQWG5CRl8zbmppTjRRX1FmQnBaN21EczBxNnFpNGlKNWZubnY0dDdSUEtveUZhMUJEdUtpbnNaWmtYQlBxYzQzUUxsUlNWZjh0aUJrUGEwUWxVUEpKdVY2LXZ5Vl9ELUt1UEtWYUdUV0FpVmRnYVB4RTdhZ2piN2VGaUVJSHdJWmtDclVmeFdJeDdCZWxQX1poNmNUd25QVWtPNjJLZ2NYY05jMFJMOWNiY3UzTWtTaUNhQzBVdXN0NHFMQ3liMDJ4aTM4QUVXRzEwYXBRd0JEeERCUjFxUGJqWUV1SFhncC1vdGtFYVBnTlhDc2N0V1V0YkhxQXhncFN1cmJKUzNFUU9leFducERwSTliTUFwTEhMVXViNzlZa1BOdXFfZGUxZTBtZkRERld0aFNjbS0zWVFBZlh1T3VUYjRJRHAtVWptR285aTdTbzUwN3ZsZlRMa2V0RVhNNlFYRGpmSVoxQ3Z3X0xpaWNBT2pJNDg3OUh6RXpWSUgxNncyZ0hNZHZIMHN1WERpQjVwbF9YMGRfdER1OVhOQVIxeENJYnBNR2poRzZFTDVpV2NiS3hUVnFIVGFxU3BxSkZ5TFpxRWtXV3hfSmJsWEpaYWRZdVluWnljY1JDZkpuRVZfcksxa0NqLUltMk1ZYkNwM3lDQjV6M3MyTUFzX1FGNkQzNGxxOTY3OERBRDV6cGdjUVFLYWRSZU9Cb2tRMVJSNkhLcGZQQmRFSTdHNjBhX1dJTmROd19iMlBGZjlrMFNxTVduVUF3a3ZORk9kam5JR2ZYQVJKTW1CSlFnT1NwbzNTOHI2TEJucHlRbHp3UTF5Z3VfWGQzQ1dzQ2lGbkI1ZnlWdXhWRUhPbHhVM014MURfWkttSkRtYll1TEdkS1ZqU01uZlBwSm10UGZabXF6YWpPNkN4azVrY2NoODBua0FOZHcyMmdXUEJMNEF0MHROdHJsX3ltUWUzNnZsRVdLUG5ySWxXVWNfS2k3MDd6SmlUOXl3VHZHR21hV0cxTlpoRW0zT1h6by0yV2J1cTJKbTJTdkxNME5oMFVRYU9CMGVob2xwUmxjdjhIRTlSUjJVLVlpd0hOdTZOdjlZZ2VzVXZKR0tKbWl2UzdvTTFGTGZfYzFMMHdiRW5TZnVRWHJ0NGNjUzRpMHgzVXFCQXhSQVh2QlVLRU5SUjN4OExZVjhkNEx2Rm40c2FPdGJHSjZUV3l2MUZoaTlvTlRpOERBbkRBeEZRRUpMUHk2UnhMcXJNQmhqZnBQc05CdGgweFA0Rms4OGk4d0lTS1dTTE94Z05tVDlPcmVxaWhJaXUyaDhJTE85clkyZ2dsN3JZUDlCeXdpUWdBa1BEeU1hVjZSUlJIdGYwUEFSOHFDY0FTZTQxLXRUSVJhR011cklVNDJ2NkI2WWdsLWZUZkJQVXFkbzZlaVFVUEp2SUk3MDAwOExBaENCVGtfNlFwOUduWWg5WXNpTWk5TmtqV3pJX1BtQ21ZeTJYTFRpTjJjQ1VfTVVIU0Vla0t1Z0xOQi1SVXhUUWZWVHIyY1hjV2RHbGNzS2IzQ2FXWDIySHRpaFBIYXpRU0wxckVCNDVJRUVZcjBpZERfNlNjSFhWSFBXVDdpcnJCcV93Qnk3ZEVVTm53UnE1YWRrZ0s0eUh3NEVCaWRoTFVXRnlLbkpVVVI4LTZwS2NEakVTSDEwTlBxTjR6UnhtVl9NdXNmbGV1YU9CSXROeHQ3RG5qcG1sd2lhZ2l2bm1lbmdhLVNvTzBxY191OXZkdDNRVEdQLVJTWllLYW1qYjZMRlBxYkZ3VG1aLXloUk9VakNWZE5JQm5KZ3BSU1J1aHRSM0FMMGFTN1ZaMWdlS1R3RkJPVjBZOXZiSTItbF9Gb2lYc0N5cllWQlRVSVRwdFRBTVHyAh4KBFJVUkwSFmh0dHBzOi8vdC5tZS9taW50bGF5ZXLyAo8CCgpDTElDS19EQVRBEoACYVctamNFM3FCMG9IMkZpY204ZXNvSV9SRXBRZ050MkFjejBDTWJLUGE1Vlc5VV84SGFyXzJ5SnhQdXpBVXEzUS1EOExsRS1jNkJtbTlVRFdJRnhGMXdGS0c2aEpOMkNQVTBwaFRQMFpqNmpqZzg5VFZzT3hqNjhvcjA3ckd2dG9kcjRWMmQ0OWZ4OEU5YnRScEQ2dlhNVzFnOEtJWm9CNmxnRVlORkVOUDM5WjBMX0lsVDRKUUUtLXJ6S0Itak8zSEs5RXNFT2NsTkZBZHhVUEFyZHd5OE5YTldXVi1FcTJKa1pvU3RHUmFfcS1Bb001aFRVbzJtRVNuenRQUkZsaIADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AOBlBTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTY4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATKxLTEAYgFAZgFAKAFsPK-z76esPkowAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsZpJ-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBuiWA9oGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgzyBgIIAIAHAYgHAKAHQaoHBzI0MTIyMzXIB4jxBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH7PsDiggCEACVCAAAgD-YCAE.&s=2b8481cc8dcf5c6d1df69a6be4b955a97eba78ce&bdref=https%3A%2F%2Fboxofficeindia.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fboxofficeindia.com%2F,https%3A%2F%2Ffantoly.com%2Fr%2Fp.html%3Ff%3Dxsldxodt%26e%3D1216403959407,https%3A%2F%2Ffantoly.com%2Fr%2Fp.html%3Ff%3Dxsldxodt%26e%3D1216403959407&

Requested by

Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=xsldxodt&e=1216403959407

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: 0cfa898f-ab11-4777-bf1e-626a806298fc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2B14 0
0 137ms
136ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011201&jk=939641135947206&rc=
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 07C0 28 KB
11 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwmHvVrN7PxBX5_SCtOD3O6vpFUIb56W3WiMJ72QjF0zIAXCROtqqXW8nOZ8OmydNK9uQmTv-XjgRPbzPGhFScDi-yKAbfo3mJRsrjanseEZ8Kpyl16YGnsMYbHj1odOQmKkyvP0FZgbx6ULkxUyeDREH_LzOWPWWtWZXuWvEIsBW2A3M&dbm_d=AKAmf-BNHWzUK-BKQ46MPABxT_nBqj4AzbOLAaR6oavLsalFYhVeXP1ifKUfPNhyijI_RiVXgkN_-iN8sqTr49hgQI6au9eJ1KjMPbkJrE4PRUHNhrYzezgM2SAoOsm19t_Slp6J0KjSDh59m2EcO7haMi6sdMpDO1IAfQIikXT2uRf27EsFc5mOf5hfIXE7LVATpSMZPj0MEFYIo-9y9syMAec8qL_8UmmL5Kk4tbZTLZIinbiIYMlLL0szwKK2mlVPzYappShn9AjGQr_IVyv_tZUY77-r7aGtfkAoM2Y8G6_SgC9VyGpGExOkKVy-Fph4mgSBd52YNRMvArCXO0PpPlNNrG5Gwr139wnOop70GHZKgUZBKweok2K6Fz_5xgfjNGNg5b8Zh5Q77S0B5WC2a7quDntJhxJngZNnDXHE6xM-mZ9ffehv3Iuz8ByXnq6z36rNpLFSyYkP9c13cf7vIRTWPcKkaewYw3WdgrkYgP6IjQIFQEmd9EngPGfW8mcRCdRhEnPseyd8bOzBd9YadkVhmQG_8dUj-viDUU484GPio_Ge8USH9QdwwR3mz3W6vK4So76VcOcmIsTPY6xwaIwo0ae1-B5jXMDWUfusHYOPXAd4SeqW4uTHwStFArIKburmyllAf55LIeSfYmWpnWUP6-LawTeSX3MhMNT1gJ02A0jpEpvDSHjd-szFs5wtyfIlWNi1HvOzzwOw4qTtgZpR0W0YSH6yoWtMdsi4rQJqup8M-nlwg-a_Zv0AxC87DIyAObaBWOMVkVglrtkSrT43KC7tsxpoZnt8O-q2cZnBRdBoCO_7mN145_Q3dxsbFFnD9dYXbyb-JNkdpztFDmRlIWGg1CE53kbQEjxrYdAe2GIKQy9JWkiRHZ-yKbX1neK8iMvAcRfbTwq_JphnH8lB_hJdlAPnuQwkDpjlGdDwjYne-Mw69HYt6V5S1P84MI8g_uM6y0SqawMY0QyFPzPs4Sxm627ng8pHKq6hY8OnvhQMOzHhACuvdMLUF3LYtF4kxtBwO5ut4R9RIZvq9KdK3roy50Z0F3pHkdkD6x7bO859HmRRoPYEJLw2upBCT1nIs1XwFURaQ_IrV8fTMsV3JZB4kPDVIn9K4tPODBTsSxIR17hDb8n7PW3SFVMVjXS0HPD7QdAWSbBIguSIJ2C1DqsXAOQ38ICXc3DCADbPH0OJRCvXLoVADjy7zjvPgevqKR2sRS98i_ytjzIjVJAJyzkbA-6lihVT9rLJwhvwgkr96mco6RSl_4tDrR0jxhgqeFrQfJ6dMjSOYgp2EEKSAXKHtniSDyLHAoNFTczgwoXpgHLvIa4JCePkVU4EcuAZt3CuaCS-fCWdWtlQHOekzzttHDYR4K8zIkFDhvN_6OyPo6KWVmviEumhcyXVs1Bj_zA5cnpbtUOlie3UOFQuo3-9QWiZl8Vsh73uyPMD2_zU_bv8pkaU_RxOILtxyA8X-dZA_m6PTHjk5zOsxsPRtKpkzInnx8WjmGPJWc4lk7XnEZgV1lrkJLmeLmb0cBePLeoDygWV0z-IDUcbGN6qbjMrscOKD93v3cXH9Fi2CJ_Flom-rEq2MJUKMoAVRAPILlhxxFUXlNeQIJlrBFOq3uvW2NTfpFmlr4VO24ObrPTxMqV5VlZ74mrpgonxsrTwhIK4OZiconTaWmGN-0YvMsm4sc-jWt5209Vi2UbmzEQotoziYWQobjr4pOvNhhho-6UUJsxrb1hIeiCh182bZIeOOLHGOk12_j9re9beJM0CCzhU7mH69UxNt8oVne_pTNZniCbFZf_mdKHGY18kdV-5ChC5C0INQRcA3mDNIJlj6805lzBaDwVnlD7fUh818fIkqAcikF3lC8ZO5drsE63CYrEX0Jqi6OhNxk-xGNuB1lYZZBV_nZgUiiO1h2E58fysMGINMB9vMEYRzPjo1ek2v6khJJJQtv4xEBx-irCVwGp7OWUegYo0L9Ea83ZHFcmR0ggyFhC7hjF_zPce9RKQrs0FxUF1OcI2DuC305aMXPQJzvHUosXMlBG9zDctRKVuq2axDg4OYXgWI_gMhdZJKHrjHzwQQk3Y_4pcE-kmpWwDl1AWKdE3eNQE3P8TkLSdDkgDNc3QFoiSeZsLfMbdPtVQYVSQDOH0WPAfOYKum1UphhO3hZwjxNfGZadTzb8LDVbV2vPl0GVTvYhx1mUX1e0yTfZ1wMjvVs0ZL0KSCwEL1xARlGoIMSfW3eFi_zURZPiMOGN-4Z17jZS8RyJf0_f9Z7oae_Nef7DLcxUU_oB6TkrMklwLNLLRXirSJZeXtgrlwjDitJpLMVY5Gs9hQFQ7K6VWmCfR9OxswyLv_LdOkubWgNLS1djAAP_Fx3gq3NRo7XtnWroySFaS9G6BwnDJkRdHLY215vv72j2h4YLCwBBNKVW8Ldq6SoyINpic4CuLHCEeS-IBfBAqkhs5tKqocd0RuulqqG5Ym4rn322OA80bbQQhWKhiy4DIMHkHZFIzau1YujRb5qxCJWak_X0f-yTNNnVi8FL-FiTGqIp4ejC69WvIFZV2Dlr7QVVvHg1C5cbj-6nqOKxfRtD92YVnG0xd7iPr54YFIjBRv-KzFhxcQT591rCOe3NBsOnAX-iVbXLJ_P5zI2fbqfhq9hZk0vx_2Ttb0wKvJ_YEZky-N08msjx-cKtVF5ana3_t7gn-DZW7oHq0kKe5AKIPPdx8hAeaLkvGyMfsXQKs_stZCudFp-kjF3a230mA6ddICT43XqWwCRPGoBd4DX9ewglxErsZuUMUU98dNMhgdCZlc7P0eZuy3kdLhjRCItL7GdChBWzISdQKNv4XVKLV1Qu7KiSBrLbUtJ4MCg9HpZdx3otzRnewyWIcK3_ogMVMW2uelicLqWWmsIJM0bselVb3-0wAi0Tkdu__h4D7ge9Bnh_jOmFtoCwwBGRgYK3OIKTHBIXRG-vq66Qm1PZxsHtPKDmWayBpvxu_uGsm16lC3ArgpjyUD8B5aX67RbdPf4D_QVy7a8fLsrdHVeJW4jOUpk5Ch7jpsf_p1oQ7OKJ9kdoIktLNMBU2wjws4PK4TPC6CWOU42yRNArtCCxF7MsG3xuMVag1I2_SxtyxNanphQhJzhL70-FPsj9O5tXLCtUHXF6T0SOiImNJiAoI5NYeBZYcHGtPYqCTf6x2FP0xJrsARZQaq-i9Z4kEUETe5-ym49SFkyRGEReMDj0S1Gxc1oXMPWNZAOoplFZOQojSBNwiz6BTgfkhFeCr44Eaj-aHeLooWYQ4_LSpdnv6HrGyqNKbaDXXBlkL6jUV3uV2CIF0bU3lVKQqT_fMNNbS&pr=6%3A0.068444&cid=CAQSKQDq26N9b3_r1eUOg1bph4Bu9nKCPrBIFRwJi0f0T0cot93FcTRZeDivGAEgCg&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjM4MyZzaXRlSWQ9OTU5MDc1JmFkSWQ9NDQ0NDg2MCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTEwMzc2OTY4NzIxNzUwNzM3Mjk4JmFkU2VydmVySWQ9MjQzJmltcGlkPTgyRDUyNzQ1LTU1M0UtNEE0OC1BOUFBLTQ1MTc1QkNFQjlDMiZwYXNzYmFjaz0w_url%3D&dv3_ver=m202209210101&rfl=https%3A%2F%2Fboxofficeindia.com%2F&ds=l&xdt=1&iif=1&cor=16456944598518880000&adk=2843392977&idt=123&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:47:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 10713822464293745175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:47:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 07C0 155 KB
47 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame 07C0 8 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:47:06 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 07C0 0
0 183ms
82ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1kxHZ43pWYaWnO1RLaQ-qhXSQlJpcTGE2HTDlr0qPrF1vzWO94DqilhBu3FFBEx3DboHuPwBO8Vc2N4P8y9iE_cugKrgv6H8_SX2BgnEWSH2_WTQsGEg5PGrXZlLB4BMgO0SQrpodX8r0mPREsmJWBr94LVrxS1zUc11jcQceumSnVdZdvqTHO9_iMTNlBla2Y1QPegDe2A7ZcM9W-PtZ-Bwv0ahcGSU5VjQKm3847SYO8qXV3OQJJTuobgx2bSmu-GRq8qw2S9CgM2zMG14QxOkStbs5NXCLSmVv6Dp-gjezCke0Fsc1ZiSYNqUzeDxzifzzmUNZ4uW88oeBzwJibJZpb6B428gamPKz5q_6n-poY1czuaWUYNIvPCrd7KV3i6jWIiojWNpEtDX0yqyOmXWSAFlVuZ7MVLYMbjgF8bCzoDbRLGYPRDInlrUx3WodkdvE1dL6bLZ7evREkX7FIAJgPTwPNP1pcThGlRynK4hDW3QWVtrU08YVRW6pUikTg7Y6GoZQqNU3k3YImHPD21RRIr__AvpPEn64e5fs14GjDOgXKgIa-mOH-_Pmx2eYCWzFV9tL1JtcO5h0q33C5Rs_3jhaSmRzBoluutKD12yly2G7ApwZpDemrTYayZEIy-XFZdA-7B8pXcu4QbBs5RiLASYY_MXuvRw4wA0nHOsM32EFrY_lzkI3rH0QHZ93n59aXtuc_oX5A7dg-RUocYQ4hMOuOepOqcPHTJ1mta7dZL3JSufo5wiR3RaoXOoGfZe0s10FNycWSoZYyKAeSiGeX7PJHfJSKdhD0xOfFo4ZfXkmWOuExXFvOLcMVadca17pXY2SrDZ5oR2A90iGhXDjh1pMeakyO1Jmd2I2oEw0_F60e86eowH8ARnDd-Y-wAt6NBgux4ePM6drl65xW3_cYScbcrStWnWHBSB5oVn69FK_F4lpEJ-7ZEDKck7_bCHbn00C70c7HJPNm6SLbj6b9JfshwNfAuczlabZthAb6deYx3NydzGrebiybI8tWw3gdfzy4igVKeyfuhELDsaQRjXxqac3gFHEIDrWVv32lDoa6l-rQLv_rfzLqwZGd-cJ0eBXGQOXHJAQGcj-v4Py521MrDp0meHBObY3jtW0X-48ABEda1zTr1okw9i5vM7TtFHwQSVI-MwBzh6CO7-mHAQZif67o0gRY-w2EGvtMQ&sai=AMfl-YScI8iN6W1V1Wo3LDS241OFt1P-C8r1IPOZ34pt_8CrN1g_fYJSFwI1XK7BiJ9OIKzBLKSyI5YA4Srpur1R9o9Ax4x-qR-huq0kR2IHGooTnTbJz_nQBIPv3SgXvzdmhDTxbzO2KnkLA5zeIJ-ToUNarW3TD86g_leckj-MCwTEY8YMLsPe2yOsuvgt_-KAwxmodmFO16VGpvAfDXI&sig=Cg0ArKJSzDX2C7mEIbxQEAE&uach_m=[UACH]&pr=6:0.068444&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230118.04579&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:57 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 07C0 41 KB
15 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 18:29:42 GMT

GET
H2 200 5472724226390914059
s0.2mdn.net/simgad/ Frame 07C0 63 KB
63 KB 42ms
39ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5472724226390914059

Requested by

Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=mdbxrpdeb&e=1216403959407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

547d5fc0330eb83eccafc4d6b516ddfa476f481620f4ede24e8693d6c59f39aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 18:35:15 GMT
x-content-type-options: nosniff
age: 412722
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64327
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:15:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Jan 2024 18:35:15 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A157 0
863 B 14ms
13ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: a595ebbc-9476-4190-b169-b74d66541915
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4643 36 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 10:03:03 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EC67 0
863 B 68ms
67ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2036922&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2036922

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: 65f006af-f328-404a-a424-75430684b42c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2CC7 281 B
124 B 78ms
76ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARje4Z3cATAB&v=APEucNWYkpNn7YgSVGmJZiGcQU4V6JI2q8tJhv4saAz7YytFUufMj6XOnGCAsL5qGgy4uKUfRpNNyw8-vJ8p8Sj8ij65UIuAFj5K0Mk3cDulKEqxDrRedWY

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8CD4 76 KB
27 KB 101ms
99ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 20 Jan 2023 13:13:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CD4 42 B
63 B 137ms
136ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DyYxHWVd-BUa4tz_q35cgGgEZi7OQw0Em8lWmtfybgcw0j1cEETDlOED2LiDt-AhM7HxWu7IrExhbFDwKYYYDLLV6js0PakVosHmJDV-U61ma1EmY

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CD4 0
20 B 138ms
137ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14396119925570964626&x=6&ct=76

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 5FC0 0
953 B 23ms
22ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fboxofficeindia.com%2F&e=wqT_3QLiBPBMYgIAAAMA1gAFAQiVp6qeBhDFyI_Cnb-5iSQYhbLs8JS359x9KjYJsPPK_t1YQT8R-jHC8iNqPD8ZAAAAwB6F9z8h-jHC8iNqPD8psPMJJNgxAAAAgD0Ktz8wpoz0CziYUECfF0i3AVDKxLTEAVjhiZgBYABoi_m1AXiI8QWAAQGKAQNVU0SSBQb0dQGYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCG2h0dHBzOi8vYm94b2ZmaWNlaW5kaWEuY29tL4ADAIgDAZADAJgDF6ADAaoDTRITMzA0ODYwNjg4ODk3OTIwOTQ4MxoTMjU5OTM5Mjc5NjE4NDE0MjkxNyIJNDExOTAyNTM4Kg1PQVRIMTAzMjcwMDAwOgc1NzU4MTA4wAPgqAHIAwDYA4GUFOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMrEtMQBiAUBmAUAoAWw8r7Pvp6w-SjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWxmkn6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AG6JYD2gYWChAAAAAAAAAAAAAAAAVBoBAAGADgBgzyBgIIAIAHAYgHAKAHQaoHBzI0MTIyMzXIB4jxBdIHDQkABS4AAAUwDNoHBggFCWjgBwDqBwIIAPAH7PsDiggCEACVCAAAgD-YCAE.&s=0a6e976c930c4636d3dfcdcfda120dd02314bec2&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=259&sid=8074371741615353414&vd=ct~0|rr~0&sv=231&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=24970790&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:57 GMT
AN-X-Request-Uuid: 5c835ea6-aa63-48f1-838b-4bd6518f4223
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 2AD0 34 KB
16 KB 283ms
23ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60438838;rtbwp=3A5C64705754B0E6;rtbdata=tod4paA22JRETz6N6BMBaVK9p0JY1HwAy-GRy-_gRRifnBWVWvBaGtZ5GMsze_QRJSfrJiyjckBtoDIkcHywho8c66ILWHw2uEZz4T_1OHCUfHG70GN2BEjHa9bDDW-6W57wu2CMkJY42qreeFzipPuFoDiXg-sf8LC0ZA03B-RIiVI_NKzWzcyz6gHPsuTysKv56gpmpZQ9PnRhVY0mMIuAWRge-aLE-NQRgyeAjK_dIeaxBlhqxs4e6UJ19UI75650FB0y-X7KaA687ag4nVHD2KD_2Ifv0;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/ams3/0/12b2855f-72d8-495d-978f-a273f3d53fe7/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:58 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 21 Jan 2023 16:41:48 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0978 38 KB
14 KB 12ms
12ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=mdbxrpdeb&e=1216403959407
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=76459
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Fri, 20 Jan 2023 13:13:57 GMT
expires: Sat, 21 Jan 2023 10:28:16 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdDisplayTrackerServlet Show response
st.pubmatic.com/AdServer/ Frame E4A2 0
91 B 243ms
18ms Document
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156383&siteId=959075&adId=4444860&imprId=82D52745-553E-4A48-A9AA-45175BCEB9C2&cksum=FB23D7E2DE7340BB&adType=10&adServerId=243&kefact=0.047911&kaxefact=0.047911&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1674220437&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.068444&dcId=3&tldId=0&passback=0&svr=BID22447U&adsver=_16601138&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=lZPKY7gwBADZkqSjbM7POqmU2MBisrlOOElAgYZs3dIIkO9l&ekaxefact=lZPKY84wBAAD2SdUpM8r_6KIesE8NLU1i4NEv8IGg0xKwegc&ekpbmtpfact=lZPKY-IwBAAJt4_2Waps-y4TtMp7Os1lDJNI405MoA8KaIBd&enpp=lZPKY_kwBAAvoFVw-omI5nn5zip3fGqRoq_ePxF9piN83ZsN&pfi=1&domId=37901088856799851&dc=AMS&pubBuyId=22768&crID=461861086&lpu=fiverr.com&ucrid=10376968721750737298&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=3236534&wDspId=80&wbId=11&wrId=0&wAdvID=15653&wDspCampId=19286745583&isRTB=1&rtbId=4E13A9C1-A5A4-4C4F-9046-0EA43DD58061&ver=3&dateHr=2023012013&oid=82D52745-553E-4A48-A9AA-45175BCEB9C2&cntryId=58&domain=boxofficeindia.com&sec=1&pAuSt=2&wops=0&sURL=boxofficeindia.com&BrID=5
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=mdbxrpdeb&e=1216403959407
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 20 Jan 2023 13:13:57 GMT
expires: 0
pragma: no-cache

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 07C0 0
0 74ms
73ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1kxHZ43pWYaWnO1RLaQ-qhXSQlJpcTGE2HTDlr0qPrF1vzWO94DqilhBu3FFBEx3DboHuPwBO8Vc2N4P8y9iE_cugKrgv6H8_SX2BgnEWSH2_WTQsGEg5PGrXZlLB4BMgO0SQrpodX8r0mPREsmJWBr94LVrxS1zUc11jcQceumSnVdZdvqTHO9_iMTNlBla2Y1QPegDe2A7ZcM9W-PtZ-Bwv0ahcGSU5VjQKm3847SYO8qXV3OQJJTuobgx2bSmu-GRq8qw2S9CgM2zMG14QxOkStbs5NXCLSmVv6Dp-gjezCke0Fsc1ZiSYNqUzeDxzifzzmUNZ4uW88oeBzwJibJZpb6B428gamPKz5q_6n-poY1czuaWUYNIvPCrd7KV3i6jWIiojWNpEtDX0yqyOmXWSAFlVuZ7MVLYMbjgF8bCzoDbRLGYPRDInlrUx3WodkdvE1dL6bLZ7evREkX7FIAJgPTwPNP1pcThGlRynK4hDW3QWVtrU08YVRW6pUikTg7Y6GoZQqNU3k3YImHPD21RRIr__AvpPEn64e5fs14GjDOgXKgIa-mOH-_Pmx2eYCWzFV9tL1JtcO5h0q33C5Rs_3jhaSmRzBoluutKD12yly2G7ApwZpDemrTYayZEIy-XFZdA-7B8pXcu4QbBs5RiLASYY_MXuvRw4wA0nHOsM32EFrY_lzkI3rH0QHZ93n59aXtuc_oX5A7dg-RUocYQ4hMOuOepOqcPHTJ1mta7dZL3JSufo5wiR3RaoXOoGfZe0s10FNycWSoZYyKAeSiGeX7PJHfJSKdhD0xOfFo4ZfXkmWOuExXFvOLcMVadca17pXY2SrDZ5oR2A90iGhXDjh1pMeakyO1Jmd2I2oEw0_F60e86eowH8ARnDd-Y-wAt6NBgux4ePM6drl65xW3_cYScbcrStWnWHBSB5oVn69FK_F4lpEJ-7ZEDKck7_bCHbn00C70c7HJPNm6SLbj6b9JfshwNfAuczlabZthAb6deYx3NydzGrebiybI8tWw3gdfzy4igVKeyfuhELDsaQRjXxqac3gFHEIDrWVv32lDoa6l-rQLv_rfzLqwZGd-cJ0eBXGQOXHJAQGcj-v4Py521MrDp0meHBObY3jtW0X-48ABEda1zTr1okw9i5vM7TtFHwQSVI-MwBzh6CO7-mHAQZif67o0gRY-w2EGvtMQ&sai=AMfl-YScI8iN6W1V1Wo3LDS241OFt1P-C8r1IPOZ34pt_8CrN1g_fYJSFwI1XK7BiJ9OIKzBLKSyI5YA4Srpur1R9o9Ax4x-qR-huq0kR2IHGooTnTbJz_nQBIPv3SgXvzdmhDTxbzO2KnkLA5zeIJ-ToUNarW3TD86g_leckj-MCwTEY8YMLsPe2yOsuvgt_-KAwxmodmFO16VGpvAfDXI&sig=Cg0ArKJSzDX2C7mEIbxQEAE&uach_m=[UACH]&pr=6:0.068444&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=175&vt=11&dtpt=173&dett=2&cstd=0&cisv=r20230118.04579&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:57 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 2CC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEM9jxM_0pXaHk7jjBaJGvC0&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEM9jxM_0pXaHk7jjBaJGvC0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=26aad32673f45bd6c6c62d26834974c4&uid=26aad32673f45bd6c6c62d2683497...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
264 B

44ms
42ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARje4Z3cATAB&v=APEucNWYkpNn7YgSVGmJZiGcQU4V6JI2q8tJhv4saAz7YytFUufMj6XOnGCAsL5qGgy4uKUfRpNNyw8-vJ8p8Sj8ij65UIuAFj5K0Mk3cDulKEqxDrRedWY
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:58 GMT
Last-Modified: Fri, 20 Jan 2023 13:13:58 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 2CC7 170 B
188 B 70ms
70ms Image
image/png 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARje4Z3cATAB&v=APEucNWYkpNn7YgSVGmJZiGcQU4V6JI2q8tJhv4saAz7YytFUufMj6XOnGCAsL5qGgy4uKUfRpNNyw8-vJ8p8Sj8ij65UIuAFj5K0Mk3cDulKEqxDrRedWY

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-18-168-77-94.eu-west-2.compute.amazonaws.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame 1FEA
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://us-east-pbs.automatad.com//setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GBJ5tRZHCWjJzRKXT6-NoRKa
https://us-east-pbs.automatad.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GBJ5tRZHCWjJzRKXT6-NoRKa

0
962 B

107ms
101ms

Image
text/plain

143.244.214.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GBJ5tRZHCWjJzRKXT6-NoRKa

Protocol

Server

143.244.214.118 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GBJ5tRZHCWjJzRKXT6-NoRKa
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 117
expires: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3E5C 22 KB
8 KB 93ms
43ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 153857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 18:29:42 GMT
expires: Thu, 18 Jan 2024 18:29:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CD4 0
20 B 137ms
136ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7141126709889&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CD4 0
20 B 140ms
139ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7141126709889&version=m202209210101&ct=76&x=6&cor=14396119925570966000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8CD4 70 KB
33 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DE6cwtQhIe-1zHy4OwOPtCCySQFP3iEf0jqLZB3Q65f9wwcb7BNtYIOrcEeDH7pi0_vWb9R80yB2akFTtzIFxGBvFc-jD8ViGRWozPYNH2uhqHVlbBcE2lAiTP8I4gf5AGXQ_DmW7VLpInTmXOvYl9cWI15Rqoi5t1VvsUk10I9B26gtI&dbm_d=AKAmf-CGYllnEGmErJpnNxjE2FzmPF3i8sRZk07f05GhoJR--ytFXpuEosOB7tMFn87fP9AX9jOB15of35QFZJbK3_YCdsh4Ti4nFTjoZVn7tLrpoOTRzifzc_tyeFPqbyNhhYDMIIX3zFs4lurfNA2Qj25CEwVywmY2Hrta7ZL9IqVDo9qaYZe5h71K0GHUtavkj1peiUcSZz_1V6y-3keGrVn2iQDYm5OqwYv7P7085vxrOPolXhfwOHvcE_kcZTuE1-AoqigW15Z58soB2tAaOd_90tnYtPfisj8GsBKyp_ZAf1jlXjwsubec3yq62eluqa_CRA0MCcEcrHp_b1JdlEO3Tx6wWqisfoRVMNL7hsGmsu8WGEsBcjSDjULP0qjbhMYyHLpNW83KGXRs35ejncc7qcuE8aJNZxAKHrz1ieWfk0RgeulhV-GLDqtcQnXRg-14MM3zEYv_D_Aan86ca8gAfT1XXsy8fueoyK6cBf2kIGfP-2c2C3aMoOxQgkcbn55LFYL1IycMLmh77lx4JFia_fa_ALHbd2vW7bdqctg0bEaAjRlDA8e6WmFmYTiJZ8qBviWL0yg16n0cGuQKKu0bIcupIYy_3-yI7B1nmaXsVYVJw1aMV7KFDNcfqsqLisir-R6d1GfVLQHhgDm5DhwQ70CTqm0wU78H8tWlt0SKcYjF7FMFu18lk2xZaSNTrXn-xY_aBilvV65u5KMPubhFF_C9ntuFRJ8zBtnlDltQsNZQtbfTRMK5mUCFLYAWk6fN7dn2WzSJOYGi2Wd1Tl4r4nns4CkrMBV9VjePdREm3dlpor5aIp7wd7yNoxtAhGgh-cOZXWS4nx1naebhPSvoLrkPQF7Czc--_vTpPCF3jm65gEBxC1i4Lrf1ehQwi2U1d7pdl3tVJAhLB8igQ0AJTdJUPB0e5CP4FZq9c8yOw18oHPPP9uSxcPC-K9KKpNZfC-xSCr9coc9VJZKDF0HqMVuoKNMcDZZ0nH9bE9bOM_O9lMitKiuQnrMDP_kzW5Y0uei6JP2Zv1KUc2ERRuBBfKSTRM0_y-EsahbI7lSUJf1WA2f5DqaMmE1H0XYQX-UK8vt8A5hqL043ZCsCrg7_88BkN_vjFPvfS6_x2BgOK46bhLDclk0326-lWoDcQ6cszdrU5m-z1T_z8QShiQE2dFjSv-wGi8GDtGr-QaON502VHh_iDJvZdqHyJ7HPzMbk1zh26RSG7U2JO7Wgtf-JogCnfN4PsTWdhCLicekAe--NkMD8XPJ2GNzrO2OjIEwEXU4YHgurfFLwGVq8_Bpz72r0xzItsbqYgPh5L3tYOAuLGGVBntgzi3SzAOyBv_K5qd2Y4JnzaM5H67xIjzM9yMcGGs4VnZBwYBVkqPkfkeFiAcposrda1obT6nbA-n3l71GLQeS9MnGN6sTpgnenzGqot9-hkz_ytv8W29RZuQyy2LNZ6l9jdlP4q6Q67V3iXRu3QHdTiN8uUl3cXikWax0zRMBRlpq2m6O-HCtnHj3ErJMrBKk2mPCWEWOSRhPomcqC8ZyFZ6PGeaOechv7fzRe54ZgRkNdYAnOgUWbPMg2lk-PSiT_EuY_J_R6Ns_Ep2l99ZFtGF917HM3qMTtbcgKlPr0zDaAvGNMw4F4T9ad5u-9hZ9BcaxiiFrm0ZFqZc-EsGmwqXTZP7Zj6TpDbTQ2CMMeGbtRrzdN7qRF71MAFzY-VvpKIbex8_ScgCBvS-Ar21CdHuR7QQNoVpL9gPZAwjrWl67ga9ZJ6a-yF-7NlFcpRbD8L9l1nz_4cAlMa3-N5qHUsnECKpOkUmba_NLDmBx5NGW1H14rCdaywHg4PkiDtFkSMjCTNxuwrxmuuyUDnVdQjLp65KuBPQoEwPhCUjhbmYcux2-7jpHnVn92jXv8zaPKt7eaH7oDxaOMX8W_r5OKbE66uaNagd9912bS0qK3jITfXHnDz5sYsPMDwxxPxu78frmZSg2EZ91sYlY4nctqfv-G94vaZwz2-N1GkhNM65qP2rwEnD8_ixk1NmIv_t_GPU1D7rrFnwTu0yozYpx08G195CEa1N_QExkWQn6P1huDZ_thE4vl6_Hdc3Gml6VAGob2uO6-zFNoOnjL35rop8BnNAmfl7bP2d5Vzj0_CzfAIjaYLUM3ht7-0eC6dfDtpJv_9LDk4-YO_BjUQoC3jki7Pbc8ABsGhAyn4R-yni-leL8i0COiQBlL1LKYRnw48i8zdkFsF5EX8_gnyzCML_UU4GLhMmRUEvZ6sKBWsVekZi14iWdqbhCcMPYuoPGgTZjy0rNaLsxAehrY2v8PlxEagWhZStb9hxApzbUSBdYuvNSl7y5TocRCGlGP0iXqr-jvacreW6vXYXST5lzgzH6i-wy5Z28GY54B2Urz9jwatWfGVS8cvyeWEmS9CJGqxjBJpRaHymY_vaqPJqhUPzPWcirNwpMyZWJWEcxAin0wBddEYttd9nI3Wo1xvcyHQSKjCP257Zl2ptrdUhpVbRs9lES9kLJIeGr03Lzo878a0Ai-Q7EoafUB8_6hqUxzdfW4qe5_fmBRu44MQszjb_IqQAhQRdVPZ2rC5EsuTb3RQvd4Qg01sHiPZ8hHicL-VdYy5qrs11Xt_8WYl7LnmpdWbkPTG-XYaGrcjlZaybXK5V8Py2LhzOsZXn68OER0gn1JUmkhT8DhqOrkiwe2hqQMuxXH-jUwCozJQtMYgJ1KUkBA08rHOasNiAGOy1jpyLQ3k8Wfg0d0vkp0Dk9nKjX8x6DskF87ZRjWBzciGflffT1dkiphtIQgPELQGKvnDnSEy37BSJuFfrDXGBfMq-DT96T6ngsAnEnCrU-ubQo9z8ierI-XV9ZolQFCQZ7ulwvrYdTIUASdOT5OgL5fK9xKiPBqE6rrVvjfXUU98MdrmnjItl0Ao1x7jV6Px2LuBLKwM7rGYLj6Xmanz8NqXeB4pJ-rq4d6jjMGuLQ0DM4de6ylSewWcVaGQEl-t_n-d5MpZ4FLq4efbHjm_8ZyMpaZqz4PoCqF8lnZV649OFQO63zvir9zbWVCYmHtycucHJsEdmr2rfrlgnX1XcpG3iAsi5LcBMenjX_Kkpqi5DeGN_6pidgQ3dTJZDdAE2jJNQ2u-4fJQ5a2od3tsMN884vFtrZM4ZXkgh03l3o3I8yD7M1qVmctXmASV5_db1Kb05Vtb29NB_0KlQGiFyO-G8elCC1cO92uJcblUTO11HltuAy6o7aenpQbsDxUdvuW4RA7nZUQ3KcyvUMrjg3Mo2ZCxC2kTyhcQi7nLsHb4I09-G3_YNWChK60t4Oq1TWgIprITi3ZpfU64hif&pr=6%3A0.068444&cid=CAQSKQDq26N9uvAOIxA7i9JHLjRz1dEKnW2H6Cv74ri0ZdqxLcir4FibTq4uGAEgCg&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjM4MyZzaXRlSWQ9OTU5MDc1JmFkSWQ9NDQ0NDg2MCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTEwMzc2OTY4NzIxNzUwNzM3Mjk4JmFkU2VydmVySWQ9MjQzJmltcGlkPThERjUzQTMwLTNEMTctNDVBOC04NkUxLTg5QjUwRUYxMDVGOSZwYXNzYmFjaz0w_url%3D&dv3_ver=m202209210101&rfl=https%3A%2F%2Fboxofficeindia.com%2F&ds=l&xdt=1&iif=1&cor=14396119925570966000&adk=33004680&idt=110&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0110bceae80e645c16958d47d3f69ede8c40fbd2836d8149b4c93c0c3504e285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34141
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 2AD0 5 KB
3 KB 26ms
26ms Script
text/javascript 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60438838;rtbwp=3A5C64705754B0E6;rtbdata=tod4paA22JRETz6N6BMBaVK9p0JY1HwAy-GRy-_gRRifnBWVWvBaGtZ5GMsze_QRJSfrJiyjckBtoDIkcHywho8c66ILWHw2uEZz4T_1OHCUfHG70GN2BEjHa9bDDW-6W57wu2CMkJY42qreeFzipPuFoDiXg-sf8LC0ZA03B-RIiVI_NKzWzcyz6gHPsuTysKv56gpmpZQ9PnRhVY0mMIuAWRge-aLE-NQRgyeAjK_dIeaxBlhqxs4e6UJ19UI75650FB0y-X7KaA687ag4nVHD2KD_2Ifv0;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2fams3%2f0%2f12b2855f-72d8-495d-978f-a273f3d53fe7%2f;js=1;adfxid=1x;1156;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fboxofficeindia.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

957811c1735d38e90503cb4006828bdd39dccb4075d698a39452450022b55052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2334
expires: -1

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fboxofficeindia.com%2F&domain=boxofficeindia.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=dtR8GnxkSkxnT1VyMklWSUxPRUhiYjhjWTY4TFFEbisvYytJNm1tWWFObDk4Rmw0MDJPMTUwUTZST2hlZXQxZWtCQ2xHNk12WTZNeU5qMDN4SzAxdXhkc3lrcENFV3ZxN2FXU1ZTZnpMbHlzanJTSFBLbjZtRFBmd0xlTT...

495 B
740 B

18ms
17ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dtR8GnxkSkxnT1VyMklWSUxPRUhiYjhjWTY4TFFEbisvYytJNm1tWWFObDk4Rmw0MDJPMTUwUTZST2hlZXQxZWtCQ2xHNk12WTZNeU5qMDN4SzAxdXhkc3lrcENFV3ZxN2FXU1ZTZnpMbHlzanJTSFBLbjZtRFBmd0xlTTE3V3BJNEVDMWlscUpFVjFLUndnZWNqdFhlaVF0Y1hsQzdrUnZYWWYyYW13bWZuNEpwcEVZWTVMdTB1WnlMMzJVb1Z5U25IdDI0NnlaS0JVYnd2MFI5SjMvcGdGbGZHdmd4ZnRyM3NrS1BRNUFKK1k0S2Zma054NTBZV3FDeGp3aXBxSzNxTStWdVNMU1piWXBRV2M5VUx4S1ArL0p2QTFDYS82cjFYSGtwMy9PcXl3RWF1Yz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bd1678f0792cbb683806d7f96339879d2bf8c58e25cf99848339e6f4f43f608b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2043349
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=dtR8GnxkSkxnT1VyMklWSUxPRUhiYjhjWTY4TFFEbisvYytJNm1tWWFObDk4Rmw0MDJPMTUwUTZST2hlZXQxZWtCQ2xHNk12WTZNeU5qMDN4SzAxdXhkc3lrcENFV3ZxN2FXU1ZTZnpMbHlzanJTSFBLbjZtRFBmd0xlTTE3V3BJNEVDMWlscUpFVjFLUndnZWNqdFhlaVF0Y1hsQzdrUnZYWWYyYW13bWZuNEpwcEVZWTVMdTB1WnlMMzJVb1Z5U25IdDI0NnlaS0JVYnd2MFI5SjMvcGdGbGZHdmd4ZnRyM3NrS1BRNUFKK1k0S2Zma054NTBZV3FDeGp3aXBxSzNxTStWdVNMU1piWXBRV2M5VUx4S1ArL0p2QTFDYS82cjFYSGtwMy9PcXl3RWF1Yz18&cppv=2
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 658686
content-length: 0
expires: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1F9B 16 KB
6 KB 9ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=52330
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 20 Jan 2023 13:13:58 GMT
expires: Sat, 21 Jan 2023 03:46:08 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6F78 281 B
554 B 10ms
10ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Jan 2023 13:13:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame E8ED 3 KB
2 KB 68ms
18ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 441
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 78c8120fccde9a3b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Jan 2023 13:13:59 GMT
expires: Fri, 20 Jan 2023 17:13:59 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 6029 0
80 B 32ms
30ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 20 Jan 2023 13:13:58 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2AAD 52 KB
17 KB 10ms
9ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/7648/prebid_2022_12_23_9_1_33.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 23354
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 20 Jan 2023 13:13:58 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 375580
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220093-HHN
X-Timer: S1674220439.962403,VS0,VE0

GET
H/1.1 200
OK bid-switch
ms-cookie-sync.presage.io/v1/init-sync/ 35 B
609 B 197ms
40ms Image
image/gif 13.32.27.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ms-cookie-sync.presage.io/v1/init-sync/bid-switch?iab_string=&source=prebid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-76.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:58 GMT
Via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
X-Powered-By: Express
Surrogate-Control: no-store
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 35
Pragma: no-cache
Last-Modified: Wed, 18 Jan 2023 13:45:37 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Amz-Cf-Id: nHWzmPe60NiGO9rleJTfHCGwLnDStALiwta4DfwlblHUfijKRMBS5w==
Expires: 0

GET
H/1.1 200
OK init-sync
ms-cookie-sync.presage.io/ttd/ 35 B
609 B 210ms
53ms Image
image/gif 13.32.27.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ms-cookie-sync.presage.io/ttd/init-sync?iab_string=&source=prebid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-76.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:59 GMT
Via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
X-Powered-By: Express
Surrogate-Control: no-store
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 35
Pragma: no-cache
Last-Modified: Wed, 18 Jan 2023 13:45:37 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Amz-Cf-Id: LzdhYchOk6dppHVxMAuzWVxEmAE4EyB1cWnvz8y27zR-5k1ldURjjw==
Expires: 0

GET
H/1.1 200
OK init-sync
ms-cookie-sync.presage.io/xandr/ 35 B
609 B 198ms
42ms Image
image/gif 13.32.27.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ms-cookie-sync.presage.io/xandr/init-sync?iab_string=&source=prebid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-76.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:58 GMT
Via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
X-Powered-By: Express
Surrogate-Control: no-store
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 35
Pragma: no-cache
Last-Modified: Wed, 18 Jan 2023 13:45:37 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Amz-Cf-Id: HA7BXqSe-yoIQaeuPgAOAWLY9Yc3E1Fe5WPJ1CK0PK_R0e1KlRXJVg==
Expires: 0

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame B60B 43 B
163 B 196ms
21ms Image
image/gif 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1674220437505&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=474129451314267059&rtbet=0&rtblt=638098172371609624&rtbnid=1999&rtbh=2bac003aa36555b988c7715089badb5ed29a36e4&ts=1674220437505
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=spodtwzvm&e=1216403959407
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:58 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8185
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9059445544637372677&gdpr=0&gdpr_consent=

42 B
219 B

23ms
20ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9059445544637372677&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:13:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: aa5ac90c-1b9d-48e2-b25e-16133ab27f1f
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Jan 2023 13:13:58 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9059445544637372677&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 758D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7190722031800416405&gdpr=0&gdpr_consent=

42 B
260 B

36ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7190722031800416405&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:13:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Fri, 20 Jan 2023 13:13:59 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7190722031800416405&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D422
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ew0cPO9STHlw2yOJVl6hg7nVm6g

42 B
298 B

19ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ew0cPO9STHlw2yOJVl6hg7nVm6g
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:13:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Jan 2023 13:13:59 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ew0cPO9STHlw2yOJVl6hg7nVm6g

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 78EE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8qTkwAAARFZpgAb&gdpr=0&gdpr_consent=

1 B
320 B

22ms
19ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8qTkwAAARFZpgAb&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 13:13:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Fri, 20 Jan 2023 13:13:58 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8qTkwAAARFZpgAb&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220044-HHN
x-timer: S1674220439.972373,VS0,VE0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B0E1
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFMSDkwN0hsU2NBQUNCbFVqODBMdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AALH907HlScAACBlUj80Lw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1321010165453093258&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AALH907HlScAACBlUj80Lw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1321010165453093258%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1321010165453093258&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AALH907...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AALH907HlScAACBlUj80Lw&gdpr=0&gdpr_consent=

42 B
278 B

19ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AALH907HlScAACBlUj80Lw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:13:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 20 Jan 2023 13:13:59 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AALH907HlScAACBlUj80Lw&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 sync Show response
ads.servenobid.com/ Frame 141C 0
358 B 35ms
31ms Document
text/html 63.33.247.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/sync?pid=316&uid=C833D44B-9EE7-47EB-B335-A7378C3B4075
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.247.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-247-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
content-type: text/html;charset=ISO-8859-1
date: Fri, 20 Jan 2023 13:13:58 GMT

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 5085
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C833D44B-9EE7-47EB-B335-A7378C3B4075&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C833D44B-9EE7-47EB-B335-A7378C3B4075&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

35ms
35ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C833D44B-9EE7-47EB-B335-A7378C3B4075&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: HTTP/1.1
Server: 77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:14:09 GMT
frontend-id: 4
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:14:09 GMT
frontend-id: 6
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=C833D44B-9EE7-47EB-B335-A7378C3B4075&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5085 95 B
382 B 177ms
23ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C833D44B-9EE7-47EB-B335-A7378C3B4075
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 78c8120fcd932c2e-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200

p
a.audrte.com/ Frame 5085
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C833D44B-9EE7-47EB-B335-A7378C3B4075
https://a.audrte.com/p

68 B
424 B

104ms
104ms

Image
image/png

54.162.158.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: HTTP/1.1
Server: 54.162.158.162 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-158-162.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:59 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 20 Jan 2023 13:13:59 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 5085
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3575045746
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C833D44B-9EE7-47EB-B335-A7378C3B4075

0
284 B

66ms
21ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C833D44B-9EE7-47EB-B335-A7378C3B4075
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
via: 1.1 google
last-modified: Fri, 20 Jan 2023 13:13:59 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C833D44B-9EE7-47EB-B335-A7378C3B4075
date: Fri, 20 Jan 2023 13:13:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1b2a5ef1-b7ea-4386-be3f-36100d2649e5
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1b2a5ef1-b7ea-4386-be3f-36100d2649e5
https://x.bidswitch.net/sync?dsp_id=4&user_id=70d94c53-02c6-439d-914a-a94e2361d95c&ssp=pubmatic&expires=30&user_group=5&bsw_param=1b2a5ef1-b7ea-4386-be3f-36100d2649e5
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b2a5ef1-b7ea-4386-be3f-36100d2649e5&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

19ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b2a5ef1-b7ea-4386-be3f-36100d2649e5&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 13:13:59 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b2a5ef1-b7ea-4386-be3f-36100d2649e5&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 20 Jan 2023 13:13:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 C833D44B-9EE7-47EB-B335-A7378C3B4075
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5085 43 B
600 B 34ms
32ms Image
image/gif 2a05:d018:d29:3602:8a24:a60d:c474:c49c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/C833D44B-9EE7-47EB-B335-A7378C3B4075?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:8a24:a60d:c474:c49c Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5085
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C833D44B-9EE7-47EB-B335-A7378C3B4075&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J_R.xwVE2uV9dhy2iyVnyzJq8wGMAd4-~A&gdpr=0

0
128 B

30ms
19ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J_R.xwVE2uV9dhy2iyVnyzJq8wGMAd4-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:57 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J_R.xwVE2uV9dhy2iyVnyzJq8wGMAd4-~A&gdpr=0
date: Fri, 20 Jan 2023 13:13:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 5085 0
103 B 46ms
17ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C833D44B-9EE7-47EB-B335-A7378C3B4075&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5085 0
191 B 166ms
13ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D41E 16 B
232 B 78ms
69ms Fetch
application/json 18.168.77.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.77.94 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EC67 0
863 B 16ms
15ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2036922&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2036922

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-18-168-77-94.eu-west-2.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:58 GMT
AN-X-Request-Uuid: 3a6b9a07-cf3d-4b76-bac5-08a41f9afd00
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D41E 16 B
232 B 78ms
70ms Fetch
application/json 18.168.77.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.77.94 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 46ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fboxofficeindia.com%2F&domain=boxofficeindia.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://boxofficeindia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://boxofficeindia.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 20 Jan 2023 13:13:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 308457
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 158ms
21ms Preflight 18.168.77.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.77.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-77-94.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 20 Jan 2023 13:13:59 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 106ms
22ms Preflight 18.168.77.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.77.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-77-94.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 20 Jan 2023 13:13:59 GMT
server: nginx

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 5FC0 0
953 B 33ms
17ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fboxofficeindia.com%2F&e=wqT_3QLiBPBMYgIAAAMA1gAFAQiVp6qeBhDFyI_Cnb-5iSQYhbLs8JS359x9KjYJsPPK_t1YQT8R-jHC8iNqPD8ZAAAAwB6F9z8h-jHC8iNqPD8psPMJJNgxAAAAgD0Ktz8wpoz0CziYUECfF0i3AVDKxLTEAVjhiZgBYABoi_m1AXiI8QWAAQGKAQNVU0SSBQb0dQGYAQGgAQGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCG2h0dHBzOi8vYm94b2ZmaWNlaW5kaWEuY29tL4ADAIgDAZADAJgDF6ADAaoDTRITMzA0ODYwNjg4ODk3OTIwOTQ4MxoTMjU5OTM5Mjc5NjE4NDE0MjkxNyIJNDExOTAyNTM4Kg1PQVRIMTAzMjcwMDAwOgc1NzU4MTA4wAPgqAHIAwDYA4GUFOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMrEtMQBiAUBmAUAoAWw8r7Pvp6w-SjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWxmkn6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AG6JYD2gYWChAAAAAAAAAAAAAAAAVBoBAAGADgBgzyBgIIAIAHAYgHAKAHQaoHBzI0MTIyMzXIB4jxBdIHDQkABS4AAAUwDNoHBggFCWjgBwDqBwIIAPAH7PsDiggCEACVCAAAgD-YCAE.&s=0a6e976c930c4636d3dfcdcfda120dd02314bec2&type=pv&jm=1003&px=0&py=0&bw=300&bh=259&sf=0.97&sid=8074371741615353414&vd=ct~0|rr~5&sv=231&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=24970790&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:59 GMT
AN-X-Request-Uuid: f5e426bd-6eca-4f64-8532-0bc28e963d0c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fantoly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6F78 34 KB
10 KB 8ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 64ddd3f5853c316ce06ebe82b231e7c22035a240530089bb09411a342abfed12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:50:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77818
Connection: keep-alive
Content-Length: 10036
Expires: Sat, 21 Jan 2023 10:50:57 GMT

GET
H2 200 81943893d3ed4c44b633d518900edfa0_cpn_300x250_1.jpeg
static.criteo.net/design/dt/8721/221221/ Frame 979E 3 KB
3 KB 16ms
16ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/8721/221221/81943893d3ed4c44b633d518900edfa0_cpn_300x250_1.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1d1de35de1f5b58c6bcd6e2e85e5aa09b295195c3072354818bdac0daaf9d963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 21 Dec 2022 16:33:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a33540-bf8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 3064
expires: Mon, 15 Jan 2024 13:13:59 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 42ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 20 Jan 2023 13:13:59 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 460679
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame 1FEA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://us-east-pbs.automatad.com//setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677
https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677

0
962 B

97ms
92ms

Image
text/plain

143.244.214.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677

Protocol

Server

143.244.214.118 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9059445544637372677
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 112
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2AAD 0
863 B 14ms
13ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:59 GMT
AN-X-Request-Uuid: c3f547e2-a447-4364-8197-0d54069d6d6e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 5472724226390914059
s0.2mdn.net/simgad/ Frame 8CD4 63 KB
63 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5472724226390914059

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DE6cwtQhIe-1zHy4OwOPtCCySQFP3iEf0jqLZB3Q65f9wwcb7BNtYIOrcEeDH7pi0_vWb9R80yB2akFTtzIFxGBvFc-jD8ViGRWozPYNH2uhqHVlbBcE2lAiTP8I4gf5AGXQ_DmW7VLpInTmXOvYl9cWI15Rqoi5t1VvsUk10I9B26gtI&dbm_d=AKAmf-CGYllnEGmErJpnNxjE2FzmPF3i8sRZk07f05GhoJR--ytFXpuEosOB7tMFn87fP9AX9jOB15of35QFZJbK3_YCdsh4Ti4nFTjoZVn7tLrpoOTRzifzc_tyeFPqbyNhhYDMIIX3zFs4lurfNA2Qj25CEwVywmY2Hrta7ZL9IqVDo9qaYZe5h71K0GHUtavkj1peiUcSZz_1V6y-3keGrVn2iQDYm5OqwYv7P7085vxrOPolXhfwOHvcE_kcZTuE1-AoqigW15Z58soB2tAaOd_90tnYtPfisj8GsBKyp_ZAf1jlXjwsubec3yq62eluqa_CRA0MCcEcrHp_b1JdlEO3Tx6wWqisfoRVMNL7hsGmsu8WGEsBcjSDjULP0qjbhMYyHLpNW83KGXRs35ejncc7qcuE8aJNZxAKHrz1ieWfk0RgeulhV-GLDqtcQnXRg-14MM3zEYv_D_Aan86ca8gAfT1XXsy8fueoyK6cBf2kIGfP-2c2C3aMoOxQgkcbn55LFYL1IycMLmh77lx4JFia_fa_ALHbd2vW7bdqctg0bEaAjRlDA8e6WmFmYTiJZ8qBviWL0yg16n0cGuQKKu0bIcupIYy_3-yI7B1nmaXsVYVJw1aMV7KFDNcfqsqLisir-R6d1GfVLQHhgDm5DhwQ70CTqm0wU78H8tWlt0SKcYjF7FMFu18lk2xZaSNTrXn-xY_aBilvV65u5KMPubhFF_C9ntuFRJ8zBtnlDltQsNZQtbfTRMK5mUCFLYAWk6fN7dn2WzSJOYGi2Wd1Tl4r4nns4CkrMBV9VjePdREm3dlpor5aIp7wd7yNoxtAhGgh-cOZXWS4nx1naebhPSvoLrkPQF7Czc--_vTpPCF3jm65gEBxC1i4Lrf1ehQwi2U1d7pdl3tVJAhLB8igQ0AJTdJUPB0e5CP4FZq9c8yOw18oHPPP9uSxcPC-K9KKpNZfC-xSCr9coc9VJZKDF0HqMVuoKNMcDZZ0nH9bE9bOM_O9lMitKiuQnrMDP_kzW5Y0uei6JP2Zv1KUc2ERRuBBfKSTRM0_y-EsahbI7lSUJf1WA2f5DqaMmE1H0XYQX-UK8vt8A5hqL043ZCsCrg7_88BkN_vjFPvfS6_x2BgOK46bhLDclk0326-lWoDcQ6cszdrU5m-z1T_z8QShiQE2dFjSv-wGi8GDtGr-QaON502VHh_iDJvZdqHyJ7HPzMbk1zh26RSG7U2JO7Wgtf-JogCnfN4PsTWdhCLicekAe--NkMD8XPJ2GNzrO2OjIEwEXU4YHgurfFLwGVq8_Bpz72r0xzItsbqYgPh5L3tYOAuLGGVBntgzi3SzAOyBv_K5qd2Y4JnzaM5H67xIjzM9yMcGGs4VnZBwYBVkqPkfkeFiAcposrda1obT6nbA-n3l71GLQeS9MnGN6sTpgnenzGqot9-hkz_ytv8W29RZuQyy2LNZ6l9jdlP4q6Q67V3iXRu3QHdTiN8uUl3cXikWax0zRMBRlpq2m6O-HCtnHj3ErJMrBKk2mPCWEWOSRhPomcqC8ZyFZ6PGeaOechv7fzRe54ZgRkNdYAnOgUWbPMg2lk-PSiT_EuY_J_R6Ns_Ep2l99ZFtGF917HM3qMTtbcgKlPr0zDaAvGNMw4F4T9ad5u-9hZ9BcaxiiFrm0ZFqZc-EsGmwqXTZP7Zj6TpDbTQ2CMMeGbtRrzdN7qRF71MAFzY-VvpKIbex8_ScgCBvS-Ar21CdHuR7QQNoVpL9gPZAwjrWl67ga9ZJ6a-yF-7NlFcpRbD8L9l1nz_4cAlMa3-N5qHUsnECKpOkUmba_NLDmBx5NGW1H14rCdaywHg4PkiDtFkSMjCTNxuwrxmuuyUDnVdQjLp65KuBPQoEwPhCUjhbmYcux2-7jpHnVn92jXv8zaPKt7eaH7oDxaOMX8W_r5OKbE66uaNagd9912bS0qK3jITfXHnDz5sYsPMDwxxPxu78frmZSg2EZ91sYlY4nctqfv-G94vaZwz2-N1GkhNM65qP2rwEnD8_ixk1NmIv_t_GPU1D7rrFnwTu0yozYpx08G195CEa1N_QExkWQn6P1huDZ_thE4vl6_Hdc3Gml6VAGob2uO6-zFNoOnjL35rop8BnNAmfl7bP2d5Vzj0_CzfAIjaYLUM3ht7-0eC6dfDtpJv_9LDk4-YO_BjUQoC3jki7Pbc8ABsGhAyn4R-yni-leL8i0COiQBlL1LKYRnw48i8zdkFsF5EX8_gnyzCML_UU4GLhMmRUEvZ6sKBWsVekZi14iWdqbhCcMPYuoPGgTZjy0rNaLsxAehrY2v8PlxEagWhZStb9hxApzbUSBdYuvNSl7y5TocRCGlGP0iXqr-jvacreW6vXYXST5lzgzH6i-wy5Z28GY54B2Urz9jwatWfGVS8cvyeWEmS9CJGqxjBJpRaHymY_vaqPJqhUPzPWcirNwpMyZWJWEcxAin0wBddEYttd9nI3Wo1xvcyHQSKjCP257Zl2ptrdUhpVbRs9lES9kLJIeGr03Lzo878a0Ai-Q7EoafUB8_6hqUxzdfW4qe5_fmBRu44MQszjb_IqQAhQRdVPZ2rC5EsuTb3RQvd4Qg01sHiPZ8hHicL-VdYy5qrs11Xt_8WYl7LnmpdWbkPTG-XYaGrcjlZaybXK5V8Py2LhzOsZXn68OER0gn1JUmkhT8DhqOrkiwe2hqQMuxXH-jUwCozJQtMYgJ1KUkBA08rHOasNiAGOy1jpyLQ3k8Wfg0d0vkp0Dk9nKjX8x6DskF87ZRjWBzciGflffT1dkiphtIQgPELQGKvnDnSEy37BSJuFfrDXGBfMq-DT96T6ngsAnEnCrU-ubQo9z8ierI-XV9ZolQFCQZ7ulwvrYdTIUASdOT5OgL5fK9xKiPBqE6rrVvjfXUU98MdrmnjItl0Ao1x7jV6Px2LuBLKwM7rGYLj6Xmanz8NqXeB4pJ-rq4d6jjMGuLQ0DM4de6ylSewWcVaGQEl-t_n-d5MpZ4FLq4efbHjm_8ZyMpaZqz4PoCqF8lnZV649OFQO63zvir9zbWVCYmHtycucHJsEdmr2rfrlgnX1XcpG3iAsi5LcBMenjX_Kkpqi5DeGN_6pidgQ3dTJZDdAE2jJNQ2u-4fJQ5a2od3tsMN884vFtrZM4ZXkgh03l3o3I8yD7M1qVmctXmASV5_db1Kb05Vtb29NB_0KlQGiFyO-G8elCC1cO92uJcblUTO11HltuAy6o7aenpQbsDxUdvuW4RA7nZUQ3KcyvUMrjg3Mo2ZCxC2kTyhcQi7nLsHb4I09-G3_YNWChK60t4Oq1TWgIprITi3ZpfU64hif&pr=6%3A0.068444&cid=CAQSKQDq26N9uvAOIxA7i9JHLjRz1dEKnW2H6Cv74ri0ZdqxLcir4FibTq4uGAEgCg&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjM4MyZzaXRlSWQ9OTU5MDc1JmFkSWQ9NDQ0NDg2MCZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTEwMzc2OTY4NzIxNzUwNzM3Mjk4JmFkU2VydmVySWQ9MjQzJmltcGlkPThERjUzQTMwLTNEMTctNDVBOC04NkUxLTg5QjUwRUYxMDVGOSZwYXNzYmFjaz0w_url%3D&dv3_ver=m202209210101&rfl=https%3A%2F%2Fboxofficeindia.com%2F&ds=l&xdt=1&iif=1&cor=14396119925570966000&adk=33004680&idt=110&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

547d5fc0330eb83eccafc4d6b516ddfa476f481620f4ede24e8693d6c59f39aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 18:35:15 GMT
x-content-type-options: nosniff
age: 412724
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64327
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:15:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Jan 2024 18:35:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 8CD4 28 KB
11 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:47:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 10713822464293745175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:47:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CD4 155 KB
47 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 13:13:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame 8CD4 8 KB
3 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:47:06 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8CD4 0
0 84ms
83ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1s15RtZG_GnOBUIRGlT6vgdKhWDV8T9satxWjaXiwmmhMJD6NggEXJ1QTRuPlF3FmVOJ_Cm39Fey6LKRiVkwHVIpgQFSsOh5gdx3P6ZrLs1xCxwO5nTNpbA9FLm-5vpYGEosg3CggSmDkSYnvyVP2AHar_eLJh9LJ7VHPXT9rzMW6QZJjtwyMx41VjwmOaRMLmoRoM-C_TZHZd5tnptJiIxefzNkJdOs17BX-3s7QKhXFvmaaSmYeD1wZmXZR7Q_fMyiSOFsJ_YksgBpPmBHMk2gXNi8C-uEzK9w9uWnhnSv999Z5txr3MwTXBSUAXGw6SsFVWN2H7t4t07vrgkitA9bAU8mpfdYKME63_CAly8YibW0b31ThjFxutdvmdJoykDggyPXSwWg9Qaksc0bx3DmtK080QSHXqfUOItI3mDfq8M9E1lhkMPnzIj9MV_lGTi2p55yCc4hckr1NTqYEbTjd_WDdn0iKi2bkEIqBn4sRWxX1UEuH3BdiEFp2YrQQcaC1EiP1GSN8T-Ug1VK-xc_jdDUjV1DI_bJfbywg69kJ9a1wjNArbDtqtzwTt6yrkja_SIwXcs6KPjGXwhmkW6fALvFEIUYIl9FZ3hVIgwKZcgcKGwMFVGjQ3EAVlozCwkeLgr0qLRImqCj453muN7pkvOx9q8WEeELOFB1UqePdZtB6opsGVT6bM0_MhAGEXpLS4zoXMFTWHTISJvQSHKdqsC8rieBroNO_iVU5XnUWA3H_KWzR_itRcOwedoqFqJK2NCXeblUYEGO_8njyxlmNMj_TYp5AE1VLR3sUodlH0CjL2JN8HA2dBluS0CRMLgw3ArYb4Ls9SOCndfrD4wmxSNH9bAqYSOfjvJvEGx4FP6RNQyvmrTkqWLy1wghvJiztjUSemHohs_clWuI2qocqh0jZrZB522E2MU6ZelqcR6ovZq4mNdZpwFvLPebQDfzu7uxXUqikvBSJ95wIwXLQLQIVBJAoxpsx5NSDWL9AnhG3Lq2YHL2SICarpt-XlVDKzIX1-PUNniZp2pENK6CXBQbEZ9_O7smDyZrLB54v8WbxjMZI9ezFANEEuMIjsfnziHrMP8RDOOi24AAixuX0MHMe0Vy6gCQJBOwj6mXxicx9b1W2MKnGoldUz6IOmzdV8jqgKplON2N1DyYyxrxMAMNZyJQt3fuO95k2UkZ3Dg&sai=AMfl-YSE68QJSvf-hH-R7d_fzLdk4AzX7bunDVg5kPjCEyk_qaxfUT1vgWc0_5mMSeO-lpUp8a4Mndh82vteT5PelLmtg64X0b8WCXu5blTseCKxiFegh82QtTHgQPfC6tG6jZsCj1YiPtSqq3O80GELt6xFdhXQxYe1gvN7U5W0N-7IWRB-37r5pxZUnVgLhv2H45sGwgNycBh_r3fHsL4&sig=Cg0ArKJSzGFZ6_L4xYbgEAE&uach_m=[UACH]&pr=6:0.068444&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230118.73146&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-52-213-167-16.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Jan 2023 13:13:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8CD4 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 18:29:42 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame AB71 1 KB
1 KB 45ms
44ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fboxofficeindia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e04add851723893c9c7b41218a30069ac550ba54eecb8eea007d2d8c0a4379a5

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78c812118d3abbb9-FRA
content-encoding: br
content-type: text/html
date: Fri, 20 Jan 2023 13:13:59 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arCdsGLUf%2FoRySKC5m0hWaqpSHRoPjoRN%2F0SgFsa%2B2HsSi46DQfIiKs6xMHru6XrldYoQJ2komvBibHsusHGXjaUBa75SRPmOeXxknw%2F7%2B5scOcIT9LAlwsW705PCyTCs2ovcoDopKuObQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame EF68 281 B
554 B 8ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&geo=eu&co=de
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=spodtwzvm&e=1216403959407
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Jan 2023 13:13:59 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EF68 34 KB
10 KB 12ms
11ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 64ddd3f5853c316ce06ebe82b231e7c22035a240530089bb09411a342abfed12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:13:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:50:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77818
Connection: keep-alive
Content-Length: 10036
Expires: Sat, 21 Jan 2023 10:50:57 GMT

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E5C 36 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 10:03:03 GMT

GET
H2 200 Y8qTlPrPOTdNYmcwg5owlwAABLEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AB71 43 B
600 B 32ms
32ms Image
image/gif 2a05:d018:d29:3602:8a24:a60d:c474:c49c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y8qTlPrPOTdNYmcwg5owlwAABLEAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fboxofficeindia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:8a24:a60d:c474:c49c Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Y8qTlPrPOTdNYmcwg5owlwAABLEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AB71
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y8qTlPrPOTdNYmcwg5owlwAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/Y8qTlPrPOTdNYmcwg5owlwAABLEAAAAB

43 B
600 B

46ms
31ms

Image
image/gif

2a05:d018:d29:3602:8a24:a60d:c474:c49c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y8qTlPrPOTdNYmcwg5owlwAABLEAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fboxofficeindia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

2a05:d018:d29:3602:8a24:a60d:c474:c49c Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y8qTlPrPOTdNYmcwg5owlwAABLEAAAAB
date: Fri, 20 Jan 2023 13:13:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AB71
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AALH907HlScAACBlUj80Lw&expiration=1675430039

43 B
632 B

24ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AALH907HlScAACBlUj80Lw&expiration=1675430039
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fboxofficeindia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AALH907HlScAACBlUj80Lw&expiration=1675430039
Date: Fri, 20 Jan 2023 13:13:59 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AB71
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2396583000355136991

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2396583000355136991
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fboxofficeindia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:13:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2396583000355136991
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame AB71 0
191 B 31ms
12ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fboxofficeindia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 20 Jan 2023 13:13:58 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 ix
ad4m.at/ad/sim/ Frame AB71 0
0 28ms
20ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fboxofficeindia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 bridge
cm.adgrx.com/ Frame AB71 43 B
282 B 32ms
14ms Image
image/gif 72.251.241.196
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fboxofficeindia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-5
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame AB71
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y8qTlPrPOTdNYmcwg5owlwAA%261201?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y8qTlPrPOTdNYmcwg5owlwAA%261201

42 B
942 B

33ms
33ms

Image
image/gif

52.213.167.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y8qTlPrPOTdNYmcwg5owlwAA%261201

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fboxofficeindia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.213.167.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-08dd6474c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5QxOumqjQ94=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-0df7a788e.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: xakttsboR0c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y8qTlPrPOTdNYmcwg5owlwAA%261201
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame AB71 43 B
353 B 68ms
23ms Image
image/gif 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y8qTlPrPOTdNYmcwg5owlwAA%261201
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fboxofficeindia.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 39792
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c812127a602c75-FRA
content-length: 43
expires: Sat, 21 Jan 2023 13:13:59 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 96C4 38 KB
14 KB 8ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=kjlqbk&e=1216403959407
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=76457
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Fri, 20 Jan 2023 13:13:59 GMT
expires: Sat, 21 Jan 2023 10:28:16 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdDisplayTrackerServlet Show response
st.pubmatic.com/AdServer/ Frame 2068 0
49 B 19ms
18ms Document
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156383&siteId=959075&adId=4444860&imprId=8DF53A30-3D17-45A8-86E1-89B50EF105F9&cksum=3BBA164A3854C119&adType=10&adServerId=243&kefact=0.047911&kaxefact=0.047911&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1674220363&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.068444&dcId=3&tldId=0&passback=0&svr=BID22493U&adsver=_16601138&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=S5PKY0KCAAAGC5aP8Tmw5ZzV-XHDdwsuINASne_Xl_rJCH5G&ekaxefact=S5PKY0uCAADHpd8RWPydRBxoZMlD8pIUKLCAHgmJ82bpte-w&ekpbmtpfact=S5PKY1aCAABQYANWmomB7SNm2U9dO6j-CP14bfme5zxh034y&enpp=S5PKY16CAADLNm8knOu53RaX1j4V9cifQSrhJFDC2B_Q9LrE&pfi=1&domId=37901088856799851&dc=AMS&pubBuyId=22768&crID=461861086&lpu=fiverr.com&ucrid=10376968721750737298&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=3236534&wDspId=80&wbId=7&wrId=0&wAdvID=15653&wDspCampId=19286745583&isRTB=1&rtbId=BD021A4C-9327-44B8-A0FE-6E8B8CEA20C7&ver=4&dateHr=2023012013&oid=8DF53A30-3D17-45A8-86E1-89B50EF105F9&cntryId=58&domain=boxofficeindia.com&sec=1&pAuSt=2&wops=0&sURL=boxofficeindia.com&BrID=5
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=kjlqbk&e=1216403959407
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 20 Jan 2023 13:13:58 GMT
expires: 0
pragma: no-cache

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8CD4 0
0 89ms
74ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1s15RtZG_GnOBUIRGlT6vgdKhWDV8T9satxWjaXiwmmhMJD6NggEXJ1QTRuPlF3FmVOJ_Cm39Fey6LKRiVkwHVIpgQFSsOh5gdx3P6ZrLs1xCxwO5nTNpbA9FLm-5vpYGEosg3CggSmDkSYnvyVP2AHar_eLJh9LJ7VHPXT9rzMW6QZJjtwyMx41VjwmOaRMLmoRoM-C_TZHZd5tnptJiIxefzNkJdOs17BX-3s7QKhXFvmaaSmYeD1wZmXZR7Q_fMyiSOFsJ_YksgBpPmBHMk2gXNi8C-uEzK9w9uWnhnSv999Z5txr3MwTXBSUAXGw6SsFVWN2H7t4t07vrgkitA9bAU8mpfdYKME63_CAly8YibW0b31ThjFxutdvmdJoykDggyPXSwWg9Qaksc0bx3DmtK080QSHXqfUOItI3mDfq8M9E1lhkMPnzIj9MV_lGTi2p55yCc4hckr1NTqYEbTjd_WDdn0iKi2bkEIqBn4sRWxX1UEuH3BdiEFp2YrQQcaC1EiP1GSN8T-Ug1VK-xc_jdDUjV1DI_bJfbywg69kJ9a1wjNArbDtqtzwTt6yrkja_SIwXcs6KPjGXwhmkW6fALvFEIUYIl9FZ3hVIgwKZcgcKGwMFVGjQ3EAVlozCwkeLgr0qLRImqCj453muN7pkvOx9q8WEeELOFB1UqePdZtB6opsGVT6bM0_MhAGEXpLS4zoXMFTWHTISJvQSHKdqsC8rieBroNO_iVU5XnUWA3H_KWzR_itRcOwedoqFqJK2NCXeblUYEGO_8njyxlmNMj_TYp5AE1VLR3sUodlH0CjL2JN8HA2dBluS0CRMLgw3ArYb4Ls9SOCndfrD4wmxSNH9bAqYSOfjvJvEGx4FP6RNQyvmrTkqWLy1wghvJiztjUSemHohs_clWuI2qocqh0jZrZB522E2MU6ZelqcR6ovZq4mNdZpwFvLPebQDfzu7uxXUqikvBSJ95wIwXLQLQIVBJAoxpsx5NSDWL9AnhG3Lq2YHL2SICarpt-XlVDKzIX1-PUNniZp2pENK6CXBQbEZ9_O7smDyZrLB54v8WbxjMZI9ezFANEEuMIjsfnziHrMP8RDOOi24AAixuX0MHMe0Vy6gCQJBOwj6mXxicx9b1W2MKnGoldUz6IOmzdV8jqgKplON2N1DyYyxrxMAMNZyJQt3fuO95k2UkZ3Dg&sai=AMfl-YSE68QJSvf-hH-R7d_fzLdk4AzX7bunDVg5kPjCEyk_qaxfUT1vgWc0_5mMSeO-lpUp8a4Mndh82vteT5PelLmtg64X0b8WCXu5blTseCKxiFegh82QtTHgQPfC6tG6jZsCj1YiPtSqq3O80GELt6xFdhXQxYe1gvN7U5W0N-7IWRB-37r5pxZUnVgLhv2H45sGwgNycBh_r3fHsL4&sig=Cg0ArKJSzGFZ6_L4xYbgEAE&uach_m=[UACH]&pr=6:0.068444&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=120&vt=11&dtpt=119&dett=2&cstd=0&cisv=r20230118.73146&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:13:59 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0B7A 22 KB
8 KB 56ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 153857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 18:29:42 GMT
expires: Thu, 18 Jan 2024 18:29:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 2AD0 85 KB
36 KB 29ms
29ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 21 Jan 2023 16:41:32 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 2AD0 35 B
466 B 26ms
26ms Ping
image/gif 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60438838&csi=66cbdidK-SSW_o0cdMy-DHuFAHoXghb_0NeQ3U7V_A3ZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 56822123.gif
s1.adform.net/Banners/56822123/ Frame 2AD0 87 KB
88 KB 25ms
25ms Image
image/gif 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/56822123/56822123.gif?bv=3
Requested by: Host: fantoly.com
URL: https://fantoly.com/r/p.html?f=spodtwzvm&e=1216403959407
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 59b951e56956b0d3f4a1b6ec93b2c835201763d7c92a41a94f15207ca06bcaf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
last-modified: Wed, 21 Dec 2022 16:44:34 GMT
server: nginx
x-amz-request-id: tx00000df32963c6783d86b-0063b0bef8-3293868f-default
etag: "fef896592a13b2e5f7f99aa53d97441d"
x-cache-status: STALE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 89490

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 81F0 88 KB
29 KB 18ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Jan 2023 13:13:59 GMT

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B7A 36 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 10:03:03 GMT

GET
H2 204 services
sync.technoratimedia.com/ Frame 0D78 0
0 95ms
94ms Document
text/plain 193.122.174.27
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dsynacormedia%26uid%3D%5BUSER_ID%5D
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/geo/amp_user_sync/load-cookies.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://b2cdn.automatad.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://b2cdn.automatad.com/
age: 0
date: Fri, 20 Jan 2023 13:13:59 GMT
server: nginx
via: 1.1 varnish
x-varnish: 485787903

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 07C0 42 B
64 B 138ms
137ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdnXZezZWF-19d06dI_jp-vippmrphdm91olLUnieADBWODZDKOn8J8V7RW8fmTFJkAsixflNahRyKePHvNxG9hNRW0d0x-e0&sig=Cg0ArKJSzPapHDZkqpM7EAE&id=lidar2&mcvt=1008&p=0,0,250,300&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674220436497&rpt=2179&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E5C 0
20 B 144ms
144ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUeCTlZPKY-ucJKm4x_AP1ICKkAcAAAAAOAHgBAI&bg=!yMuly4_NAAYDMoyoIzI7ACkAdvg8WhYfPj2NWTSozTVFA6OIdURQ5KF3O7yZ2dWXZeo7WWVhFOHi2wIAAADCUgAAAARoAQcKACBt4zygAwkV-ZJTx6LT76hcrH-_PNDTy8gF8W_VfqVEDZkC2XSVrcglUEuEX47UdIAxDqWEjoEDiUUTcy_ZijVuqrBIDGSzW3oGz-hELN_sEHfcI_DfbrsU3Wrwnl502Ke8TLNleW6Dq-1zkmjfdXkMS3O3ch69LO4SJjX4fzkonNneKbWhffp_TyTI3NF53v5emCykZt1siz98ACvVWx8uS-cU8rQJnYbBuNiov9J3UMjF0mpOMfHpvA0CS_AwmiAKRq-IJUaVFiZi6caNnFKqu5YwqvZwRF3cdoPUtsD7ponsYnAftPhqBzz6M69rcKph3tBm9cukdivBM2U8-eIomg1T1GsGFzbGfSXynGoK3znLTUiu_xsasI1R9EZ2AXVn6VFO9g4ygFyOe7CNpIm3WDRrjznRyonM0cX5juHuS_OyTsGvk8q1ruRc0KzdwIuAdOU52RG4kZNyMB6_4lJ2KsTtnpAxvVOMeaeZSP3NXQhVBla0R8Vs4IeSKw858Ar4L8TKAMOtufXUqku8jVctgQOd3ihO9cQorA_i6Ry1S1qDoaLa0KnTmhYIyxtbh6CmdHq2zHd1HpkQNDkD_6DvsV8YkhwCP7h4idmt3OPHrSMRQ6Pw3z_i5un-95mwYiPX0Q4g9pYG3n5aT10I1LAc-glVXXZDV6IiBPgpSbqJCwGVyP71TF1NHs4X53SBeJxnXOnQ0XdGPcwzGv0qDop1Le-XudYLI7GrfXE1EkBf2wAgmAlm2rI8h999Ga_A2o0cTGfFHuYvs-r5Zvlu3hWddcGF2wkTl1h_B63Ucz_bN4RJFgQZJzE2b-zPePLYvrIXzWfwDYi61s9NB5PpEfz-JEgcYucFapQtwvbOkOXO-btHACnEX3iO5NwEvRldDl_FdSrTfCLmkLbMDQmgAgeO8Hv95sneH_eZqCL43YBjn809dHX5PO0fU2keQKf5LVH9Y4UnCe6QnxZZdu1JTblFe0qYbGx5bSICtDLgTBjKP6Zhr8L-fbsPzo44eQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8BEB 42 B
64 B 157ms
157ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0sMc38l6vqL6LU3WrM-kSWOvAsbvjW3-KsFDq-YWsADJYwOB25bwuYBKfYr_A1f6TcRSV6HaW83DUddvehtqRo75pI5XNCFFSYDpOfxkmgpA96S1sbCkhrmcIS3TgrI76O2Buqw&sai=AMfl-YR2bkqqtdAzDxiIQj1Mri5jZgiJMld-vaREygUexBQTupjiohuoQB6kaXKpJ9CH-l6ikofOWpCO85hjZjSjnbvbo-mIZ7FR3JCt-252LFLq3FU-D1NjxxRrXRdaN6U&sig=Cg0ArKJSzFE2KN6Q6iINEAE&cid=CAQSPADq26N9cRvzlFAfCgid9vxjqcG_3OQP4qrAYaHkyyUkeMz28OC6h1TzrVA-QaMkrax9qXSiK8b8HMcrvBgBIBM&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=1229&tls=2230&g=100&h=100&tt=2230&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: boxofficeindia.com
URL: https://boxofficeindia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a363de58594cb810f7cca0641ef9f2b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AB32 15 KB
6 KB 21ms
20ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=boxofficeindia.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://boxofficeindia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 13:13:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 1473365
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame AB32
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=boxofficeindia.com&sn=ChromeSyncframe&so=3&topUrl=boxofficeindia.com&bundle=Cyg7g196RUNrOVMlMkJnJTJCQkJzNVBGbnNBTm9oYWtLM0wyTjJVQk9ueWdOME...
https://mug.criteo.com/sid?cpp=GHyW7Xxnem1aQjRVNzJwbk1yQ214TW5TMjJzZUlJSHVpUjl0dFMvbXhnTTR0RjZSalcvL3FsVnJEY2Z3M1ZqQVkySmtJTHJZK3FySlpUZnhtLzhtVmxXMHZTMmt6L2IzRU5uUlVYUzhoemJvbGp6c2xPSHMrL0RUcHd5ej...

457 B
677 B

17ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GHyW7Xxnem1aQjRVNzJwbk1yQ214TW5TMjJzZUlJSHVpUjl0dFMvbXhnTTR0RjZSalcvL3FsVnJEY2Z3M1ZqQVkySmtJTHJZK3FySlpUZnhtLzhtVmxXMHZTMmt6L2IzRU5uUlVYUzhoemJvbGp6c2xPSHMrL0RUcHd5ejlzTHBpamMyNDlJeVYwMDl3U21VbmtHclAzWTROUElCZWJPVFl3R2MvbGl4bWl5Z3BPblVNUU1qTmRBSEhCUll4K3YwNzdmMEV6bWJoS0k0RG5KdzV0anBkOVMxNWtEckFyRVRnaXk1d1BPVUM2QVN1L204UzE4MFhSTUJGMTh3eU03RXFvdER0dmJXdkwyaVdCdmYwb3htbGJoTVVpT3lLZGRjTHBRejNNOE8wMktRczlwST18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f8850520175d0e111e08a4ab2d22fe6285dd6136d0670dcac70fde697c4e7b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1508876
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:13:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=GHyW7Xxnem1aQjRVNzJwbk1yQ214TW5TMjJzZUlJSHVpUjl0dFMvbXhnTTR0RjZSalcvL3FsVnJEY2Z3M1ZqQVkySmtJTHJZK3FySlpUZnhtLzhtVmxXMHZTMmt6L2IzRU5uUlVYUzhoemJvbGp6c2xPSHMrL0RUcHd5ejlzTHBpamMyNDlJeVYwMDl3U21VbmtHclAzWTROUElCZWJPVFl3R2MvbGl4bWl5Z3BPblVNUU1qTmRBSEhCUll4K3YwNzdmMEV6bWJoS0k0RG5KdzV0anBkOVMxNWtEckFyRVRnaXk1d1BPVUM2QVN1L204UzE4MFhSTUJGMTh3eU03RXFvdER0dmJXdkwyaVdCdmYwb3htbGJoTVVpT3lLZGRjTHBRejNNOE8wMktRczlwST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 725820
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 81F0 0
0 145ms
142ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011201&jk=939641135947206&bg=!DwylDEjNAAYDMoyoIzI7ACkAdvg8WpEnbC5ka6wUqQotmkxkUlnWFiZK3JUIkFosyiDhFvYn4Of56AIAAAQDUgAAAARoAQeZAw-9PHvQpYOuWdYM5j9n8etZnoFBhTIpD2JG58vFBilgTaxlaPg15dU467hNmUwRpaJqXETlytR_RlkaiV7zWaSUCLbA7DtbbeqQvXe_xmlG5mKdwGGnWksJXo4hIrraVdwa-myRljqhJcZmx7eFPckB-lioW_GTw017qSir5Vvi1l90T84jz5nINell7C_qdFjlnDhnxCKlPLdb-EQmx2f00YKh7zdIcEbLJ0Drid_XtGz4OT7AGeY0yIM04LXB4CUIOQkq2i6UX-Wi_kCExStrtdycb7rOqe9YL7FLKA8awP1XVcJiQ9rDq1uAgCDtu3xgbt1oXklum7ftYE28OQJqMrkf20Mhdm808vNt9ULSHbqftW3qQ28q3Pd7bGB7sGT9aq1gAp5VWuwc1Y0bwFHnLLFFeRemvLr6jg75cFTsrtuoI6lQh1moZwc9mZ8nslNhMAbVmRhnIJnxwfHNBBklKCC7Iy8tCMxRu1IEuSebAzaPoCEFd6ZBNudhTvDpkqn1Hcv09CU51BNFar1fSLiJgnlUHbB0Jgmb7658CrvHztg9MVXAtdzqkhX6n3Anvui3jF8fltq5NYNFrroz5U06FdbXPNQPZvy8Ask5L1gP_YV5ULd9H-NdvBOE30Mjp0KH4hF3-py0ZaiJ1qme-ZkUqpl0eVr2oPzi373GqcMCdD0t2jgzAno3i03BPumo6Y_RXAl2I0sFX25dwE7bZtUBUwWLYUWzSVAtw06UGJBP6dPx7pfvg28SAe9PdH3E-Yo0zHQDixvtkeKmJLvNMFA2MxYJoD4B5LCtBMpTp8Dk6B_Dj3a5ReHUDRwOB_ByOhG2Spjxu0P4_Uppbe-A31zYFfhxg9DI53pug3W9OeU0PwYXG8rj2tCzH27oqI07q3EK22lILx7HNG9HARKzmrwvYLFd4kG3qJtpmDIOE5T7DCTouP1Raay0wEM3lJFj1KC1w7Z2e7mqQcqks-e_1RdfRnnW12loXbEkHLkhkanoGzc9SgoKYkR4QmF61gfcdgUrhSaF9Wa5cZBo_un0hWg
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 81F0 95 B
223 B 56ms
21ms Image
image/png 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fboxofficeindia.com%2F
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/png
date: Fri, 20 Jan 2023 13:13:59 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 81F0
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156383
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=-1&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=-1&piggybackCookie=uid:f08f2fbe-9147-43b0-a37e-6017f4dc4aab&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2396583000355136991&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
160 B

18ms
17ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: boxofficeindia.com
URL: https://boxofficeindia.com/
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boxofficeindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Fri, 20 Jan 2023 13:14:00 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B7A 0
20 B 144ms
142ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdgQPlpPKY--lLPrK7_UPiueYoAEAAAAAOAHgBAI&bg=!MjGlMXXNAAYDMoyoIzI7ACkAdvg8WusP34ftq0J5oUWJwrPX0Ln4euVBaM9SfKQ3vuFEFqowrcPPTgIAAAD7UgAAAARoAQeZAtCBKfwxeDYh8yg1CpRUK4tIf2pp_wsDUdYgHz2gI0AyMBXISKsAKT6b2C2jsp9CfhduT9mx2bpTNgJvIpNJ8ksLg1Ypg1_z4bm69gdFm3xrMTD-iirkxKD-F-ILHBywqbsqJ2IlE0SvUj51YyP5sK7ulUKXlqopgTSilRXCdXY9eo3s-l8ePrCy0yAKDALrn9ALVuz9PQHKb9LKS8FGNHs3---_-8DOuVk9tUWCM5DWrm-xRA_vMKmMOrch785_eI9tJgI9o9rAMyIIjQovCF9fijzeNso4aUSWb4SN-3pJRlDf9IVyUxJA0PeNUFBNPOMyDMCfQ7XtBmdTJPuR32H5VEpNKb50pP48pQzsFoxY1F7zwpntI66R9OY1rDejpst6XQ1z0QVs4rEJTAbvGUDOqbZq_pXbrB9MWNpNc52Q3mmA8RZO0TzmsIpWoeddZjRHhHkP1JsXwB5Z1WTfWvADQ0ontOnZJXP0yInoxA7QbSHbjHAwaieuCrGwpPuVJ2S2IDRJQEYZyWVgcXOiq2zLClDScJ-ZsxEa0fGsjftGLqiUAOxv9VTXLgPw5TZEyMloPUA_izoo84lzeIzKJUTIS8u-JRuGsEBZ6D7fDuF7mFzvJnxodmAEKg_r2D1E3qEKj19xYynWDyGxhG2_T1YPfwJ3EG4t5KjFvsZn341giWseerW2TTKBdgG1MqHupwrEztSP-cYVsMSouLgjsXnkxWETIPE6Ns-SoNntvFaI3xiciDisFHOSXvylyjeIb7lQ1ix6Nl0vS8Y-F77E0Qn3QaXfLP5esHvpS_Jsg-D5N0Fo4OoQRVKjJXhsoCGj8Tno9cf0te2tTZik3CK4bbprFVTsj80LWUKMkJPDDIT4aYIOBWDaoflmjUAbC1vJm5oxU8YdBptQjrnYfm06TAumTNQzbjNwNLOB-v4GMIBldBff5POqPXNh7-8aS13vH2Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:14:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2AAD 0
863 B 14ms
14ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:14:00 GMT
AN-X-Request-Uuid: a47c43ad-984e-4048-b99a-4ababc4d1533
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2B7E 2 KB
2 KB 15ms
14ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28409740&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e92981c8bc00c6782c99ec3d1ae70a8a675879e1dce5c85d59d0aa9a375b27d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 20 Jan 2023 13:13:59 GMT
content-length: 1678
content-type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07C0 0
20 B 138ms
137ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4051697790488&version=m202209210101&ct=76&x=6&cor=16456944598518880000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:14:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame C64A
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7106406527

70 B
264 B

32ms
32ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7106406527
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Fri, 20 Jan 2023 13:14:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Fri, 20 Jan 2023 13:14:00 GMT
etag: RX27d8741636c94aa089b8b32a79f428b3003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7106406527
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame F104
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
414 B

195ms
181ms

Document
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 78c812197c605c1a-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:14:00 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 78c8121849ee5c1a-FRA
content-type: text/html
date: Fri, 20 Jan 2023 13:14:00 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 417

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 246B
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

19ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 13:14:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Fri, 20 Jan 2023 13:14:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame E387 43 B
281 B 135ms
28ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:14:00 GMT
Vary: Accept-Encoding
X-adserver-worker: ragnarok-115129385d3b@version_1.533v2
X-core-time: 0ms
X-server-arch: v2

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame B4C1 0
0 46ms
11ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Fri, 20 Jan 2023 13:14:00 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 5AEF 43 B
282 B 16ms
16ms Document
image/gif 72.251.241.196
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Fri, 20 Jan 2023 13:14:00 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-5

GET
H2

404

gdpr_consent= Show response
sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/ Frame B352
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...

49 B
265 B

30ms
30ms

Document
image/gif

34.243.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrghhbgVhRYVSUTgTX
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.201.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-201-47.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 49
content-type: image/gif
date: Fri, 20 Jan 2023 13:14:00 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.24.233

Redirect headers

content-length: 0
location: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrghhbgVhRYVSUTgTX

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 7CC4 43 B
369 B 60ms
21ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Fri, 20 Jan 2023 13:14:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 9FB2
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=j1exzesozdbg

42 B
289 B

19ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=j1exzesozdbg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:14:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Fri, 20 Jan 2023 13:14:03 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=j1exzesozdbg
lws: 124
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 2860 35 B
250 B 34ms
32ms Document
image/gif 34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=C833D44B-9EE7-47EB-B335-A7378C3B4075
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 20 Jan 2023 13:14:00 GMT
Expires: 0
Pragma: no-cache

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 2B7E 49 B
266 B 107ms
30ms Image
image/gif 34.243.201.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C833D44B-9EE7-47EB-B335-A7378C3B4075&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.201.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-201-47.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:14:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.179
content-length: 49
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2B7E
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9059445544637372677

42 B
95 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9059445544637372677
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 20 Jan 2023 13:14:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 20 Jan 2023 13:14:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 55bb7fc4-351b-4106-8e09-2f23581be2ab
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9059445544637372677
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 54B3 281 B
554 B 8ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Jan 2023 13:14:00 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2B77 52 KB
17 KB 10ms
10ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 23356
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 20 Jan 2023 13:14:00 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 375606
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220093-HHN
X-Timer: S1674220440.451706,VS0,VE0

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame DFC0 0
0 138ms
138ms Document
text/plain 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13406526
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Fri, 20 Jan 2023 13:14:00 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap2sea1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1720 16 KB
6 KB 14ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=52328
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 20 Jan 2023 13:14:00 GMT
expires: Sat, 21 Jan 2023 03:46:08 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 54B3 34 KB
10 KB 19ms
18ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 64ddd3f5853c316ce06ebe82b231e7c22035a240530089bb09411a342abfed12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:14:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:50:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77817
Connection: keep-alive
Content-Length: 10036
Expires: Sat, 21 Jan 2023 10:50:57 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2B77 0
863 B 14ms
13ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:14:00 GMT
AN-X-Request-Uuid: 9ff63d61-c878-4a92-8eed-a4e092525e0c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5938 281 B
554 B 9ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Jan 2023 13:14:00 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame CED2 0
0 138ms
138ms Document
text/plain 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13406526
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Fri, 20 Jan 2023 13:14:00 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap2sea1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F24F 16 KB
6 KB 11ms
10ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=52328
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 20 Jan 2023 13:14:00 GMT
expires: Sat, 21 Jan 2023 03:46:08 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0175 52 KB
17 KB 11ms
9ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 23356
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 20 Jan 2023 13:14:00 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 375609
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220093-HHN
X-Timer: S1674220441.543767,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5938 34 KB
10 KB 10ms
9ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 64ddd3f5853c316ce06ebe82b231e7c22035a240530089bb09411a342abfed12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:14:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:50:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77817
Connection: keep-alive
Content-Length: 10036
Expires: Sat, 21 Jan 2023 10:50:57 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CD4 0
20 B 136ms
136ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7141126709889&version=m202209210101&ct=76&x=6&cor=14396119925570966000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantoly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:14:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0175 0
863 B 14ms
13ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:14:00 GMT
AN-X-Request-Uuid: 518de18b-f073-4bcf-885d-798f2405ed24
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6A66 16 KB
6 KB 8ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=52328
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 20 Jan 2023 13:14:00 GMT
expires: Sat, 21 Jan 2023 03:46:08 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 866B 52 KB
17 KB 10ms
10ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 23356
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 20 Jan 2023 13:14:00 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 375613
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220093-HHN
X-Timer: S1674220441.627501,VS0,VE0

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 2D8A 0
0 138ms
138ms Document
text/plain 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13406526
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Fri, 20 Jan 2023 13:14:00 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap2sea1

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 14AB 281 B
554 B 8ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Jan 2023 13:14:00 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 14AB 34 KB
10 KB 8ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 64ddd3f5853c316ce06ebe82b231e7c22035a240530089bb09411a342abfed12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:14:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:50:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77817
Connection: keep-alive
Content-Length: 10036
Expires: Sat, 21 Jan 2023 10:50:57 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 866B 0
863 B 14ms
13ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:14:00 GMT
AN-X-Request-Uuid: 24507b9b-7985-4f2c-b8f4-155f2dd24386
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 2AD0 35 B
466 B 26ms
25ms Ping
image/gif 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=60438838&event=178&time=2&baid=56822123&name=Viewable%20impressions&imprid=5151288609400209707&icid=0&eData=66cbdidK-SQ0KBqsSgxmSz2QWXXvKuCbumjmAI-8sjxo4kOyoBiwbg2&rtbdata=tod4paA22JRETz6N6BMBaVK9p0JY1HwAy-GRy-_gRRifnBWVWvBaGtZ5GMsze_QRJSfrJiyjckBtoDIkcHywho8c66ILWHw2uEZz4T_1OHCUfHG70GN2BEjHa9bDDW-6W57wu2CMkJY42qreeFzipPuFoDiXg-sf8LC0ZA03B-RIiVI_NKzWzcyz6gHPsuTysKv56gpmpZQ9PnRhVY0mMIuAWRge-aLE-NQRgyeAjK_dIeaxBlhqxs4e6UJ19UI75650FB0y-X7KaA687ag4nVHD2KD_2Ifv0&rtbwp=3A5C64705754B0E6&rnd=236048779

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:14:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2AD0 35 B
466 B 26ms
26ms Ping
image/gif 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@60438838,5151288609400209707,100|1082|0|0|0|0|0|0|0||42|1|||1082||1|0|0|0CUIYlwyhePi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fantoly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 13:14:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://fantoly.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 64C2 0
0 139ms
138ms Document
text/plain 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13406526
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Fri, 20 Jan 2023 13:14:00 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap2sea1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E3D4 52 KB
17 KB 7ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 23356
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 20 Jan 2023 13:14:00 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 375616
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220093-HHN
X-Timer: S1674220441.844274,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3711 16 KB
6 KB 9ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=52328
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 20 Jan 2023 13:14:00 GMT
expires: Sat, 21 Jan 2023 03:46:08 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 102B 281 B
554 B 10ms
9ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fantoly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Jan 2023 13:14:00 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 5085 0
128 B 16ms
14ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 13:13:59 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 102B 34 KB
10 KB 11ms
10ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 64ddd3f5853c316ce06ebe82b231e7c22035a240530089bb09411a342abfed12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 13:14:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Jan 2023 10:50:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77817
Connection: keep-alive
Content-Length: 10036
Expires: Sat, 21 Jan 2023 10:50:57 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E3D4 0
863 B 14ms
13ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:14:00 GMT
AN-X-Request-Uuid: 61383f3f-2db6-4e29-9f4d-4155f2e57123
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3711 252 B
635 B 14ms
14ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26974692&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 96df926da81f08ee1e108f177830505db567412dc3654ec7d1bcb16ab19d39e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 20 Jan 2023 13:14:00 GMT
content-length: 252
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 18C5
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:44954EFAC6F044318A35A17E15817510&gdpr=0&gdpr_consent=

1 B
53 B

19ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:44954EFAC6F044318A35A17E15817510&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 13:14:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Fri, 20 Jan 2023 13:14:00 GMT
expires: Thu, 19 Jan 2023 13:14:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:44954EFAC6F044318A35A17E15817510&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2B77 0
863 B 18ms
18ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:14:01 GMT
AN-X-Request-Uuid: 49247acc-383e-4453-b247-7aed8c194b02
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0175 0
863 B 15ms
15ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:14:01 GMT
AN-X-Request-Uuid: cb809d2c-99fe-47c9-ad06-103f9f87d142
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 866B 0
863 B 14ms
14ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Jan 2023 13:14:01 GMT
AN-X-Request-Uuid: 1d4f5d44-9f56-4850-91b5-742058e6adfa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0978 47 B
226 B 14ms
14ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51497201&p=156383&s=959075&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 20 Jan 2023 13:14:01 GMT
content-length: 47
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E3D4 0
863 B 32ms
31ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS