URL: https://aurorashop.me/pub/
Submission Tags: sansec.io magecart Search All
Submission: On February 06 via api from DE — Scanned from DE

Summary

This website contacted 46 IPs in 11 countries across 54 domains to perform 105 HTTP transactions. The main IP is 213.136.91.32, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is aurorashop.me.
TLS certificate: Issued by R3 on January 12th 2023. Valid for: 3 months.
This is the only time aurorashop.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 213.136.91.32 51167 (CONTABO)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.96.160.100 16625 (AKAMAI-AS)
1 185.142.238.77 174 (COGENT-174)
1 37.157.2.248 198622 (ADFORM)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 37.157.4.28 198622 (ADFORM)
1 2a00:1450:402... 15169 (GOOGLE)
2 15 37.157.3.20 198622 (ADFORM)
1 37.157.4.23 198622 (ADFORM)
1 2 35.158.48.227 16509 (AMAZON-02)
1 2.19.32.65 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
2 2 52.57.30.71 16509 (AMAZON-02)
1 185.86.138.146 201081 (SMARTADSE...)
1 3 18.156.0.31 16509 (AMAZON-02)
1 2.23.97.19 20940 (AKAMAI-ASN1)
2 2 35.156.135.89 16509 (AMAZON-02)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
7 8 77.243.60.138 42697 (NETIC-AS)
2 2 92.123.37.164 16625 (AKAMAI-AS)
3 4 185.89.210.212 29990 (ASN-APPNEX)
5 5 172.217.16.194 15169 (GOOGLE)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
1 18.184.216.10 16509 (AMAZON-02)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2a02:6ea0:cb0... 60068 (CDN77 ^_^)
1 35.244.174.68 15169 (GOOGLE)
1 54.194.53.119 16509 (AMAZON-02)
2 104.111.217.14 16625 (AKAMAI-AS)
1 35.244.159.8 15169 (GOOGLE)
1 1 18.200.218.11 16509 (AMAZON-02)
1 52.218.30.51 16509 (AMAZON-02)
1 1 51.222.80.231 16276 (OVH)
2 3.33.220.150 16509 (AMAZON-02)
5 6 139.162.145.200 63949 (AKAMAI-AP...)
1 1 139.162.147.24 63949 (AKAMAI-AP...)
1 1 91.210.226.74 48314 (IP-PROJECTS)
1 1 80.85.85.173 63949 (AKAMAI-AP...)
1 54.73.101.116 16509 (AMAZON-02)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 65.9.66.43 16509 (AMAZON-02)
2 3 52.20.193.33 14618 (AMAZON-AES)
2 2 34.250.119.25 16509 (AMAZON-02)
1 1 18.185.191.100 16509 (AMAZON-02)
2 2 52.58.82.235 16509 (AMAZON-02)
1 162.19.138.120 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
1 104.111.217.42 16625 (AKAMAI-AS)
1 87.242.89.90 208677 (SBERCLOUD-AS)
1 2600:9000:223... 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
1 46.19.11.36 51790 (SIEL)
1 13.248.245.213 16509 (AMAZON-02)
1 3.71.169.66 16509 (AMAZON-02)
12 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
105 46
Apex Domain
Subdomains
Transfer
21 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 8174
va.tawk.to — Cisco Umbrella Rank: 8079
198 KB
19 aurorashop.me
aurorashop.me
922 KB
18 adform.net
s2.adform.net — Cisco Umbrella Rank: 6520
track.adform.net — Cisco Umbrella Rank: 3696
c1.adform.net — Cisco Umbrella Rank: 568
dmp.adform.net — Cisco Umbrella Rank: 6846
40 KB
8 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1110
se.semasio.net — Cisco Umbrella Rank: 23540
5 KB
7 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 19808
tags.adsafety.net — Cisco Umbrella Rank: 119941
12 KB
6 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
1 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
secure.adnxs.com — Cisco Umbrella Rank: 409
4 KB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2249
2 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1446
load77.exelator.com — Cisco Umbrella Rank: 3189
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401
1 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
620 B
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2456
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 412
1 KB
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11368
629 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
2 KB
2 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 30746
cm.smartstream.tv — Cisco Umbrella Rank: 318420
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
529 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 545
666 B
2 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 975
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
873 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3017
692 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 650
830 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
120 KB
2 linker-network.me
linker-network.me — Cisco Umbrella Rank: 94570
d.linker-network.me — Cisco Umbrella Rank: 96275
996 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 359
39 KB
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 792
55 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 329
140 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 22861
49 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 685
241 B
1 1dmp.io
sync.1dmp.io — Cisco Umbrella Rank: 14668
155 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1232
172 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 389
1 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 457
492 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 21894
444 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 665
448 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 581
338 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2833
417 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 26415
407 B
1 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 2146
273 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 757
266 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 349
98 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1008
344 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 629
682 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 560
163 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 548
214 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4045
525 B
1 seadform.net
server.seadform.net — Cisco Umbrella Rank: 27955
344 B
1 gtag-analytics.com
gtag-analytics.com
7 KB
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 4585
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
918 B
0 ib-ibi.com Failed
global.ib-ibi.com Failed
105 54
Domain Requested by
19 aurorashop.me aurorashop.me
18 embed.tawk.to aurorashop.me
embed.tawk.to
12 c1.adform.net 2 redirects track.adform.net
c1.adform.net
6 cm.adsafety.net 5 redirects c1.adform.net
5 cm.g.doubleclick.net 5 redirects
5 se.semasio.net 4 redirects c1.adform.net
3 va.tawk.to embed.tawk.to
3 dmp.adform.net c1.adform.net
3 a.audrte.com 2 redirects c1.adform.net
3 secure.adnxs.com 2 redirects c1.adform.net
3 dsp.adfarm1.adition.com 3 redirects
3 uipglob.semasio.net 3 redirects
3 ups.analytics.yahoo.com 1 redirects c1.adform.net
2 pixel.tapad.com 2 redirects
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 dpm.demdex.net 2 redirects
2 match.adsrvr.org c1.adform.net
2 tags.bluekai.com c1.adform.net
2 loadm.exelator.com 2 redirects
2 pixel.mathtag.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 x.bidswitch.net 2 redirects
2 ih.adscale.de 2 redirects
2 ad.360yield.com 1 redirects c1.adform.net
2 track.adform.net 1 redirects aurorashop.me
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com aurorashop.me
www.googletagmanager.com
1 cdn.jsdelivr.net embed.tawk.to
1 e1.emxdgt.com c1.adform.net
1 eb2.3lift.com c1.adform.net
1 match.contentexchange.me c1.adform.net
1 s.ad.smaato.net c1.adform.net
1 sync.1dmp.io c1.adform.net
1 sync.teads.tv c1.adform.net
1 id5-sync.com c1.adform.net
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 simage2.pubmatic.com c1.adform.net
1 beacon.krxd.net c1.adform.net
1 cm.smartstream.tv 1 redirects
1 ads.smartstream.tv 1 redirects
1 tags.adsafety.net 1 redirects
1 pixel.onaudience.com 1 redirects
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 eu-u.openx.net c1.adform.net
1 sync.crwdcntrl.net c1.adform.net
1 idsync.rlcdn.com c1.adform.net
1 load77.exelator.com c1.adform.net
1 ps.eyeota.net c1.adform.net
1 ib.adnxs.com 1 redirects
1 ads.stickyadstv.com c1.adform.net
1 rtb-csync.smartadserver.com c1.adform.net
1 token.rubiconproject.com c1.adform.net
1 ad.yieldlab.net c1.adform.net
1 server.seadform.net aurorashop.me
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 s2.adform.net aurorashop.me
1 gtag-analytics.com aurorashop.me
1 chimpstatic.com aurorashop.me
1 d.linker-network.me aurorashop.me
1 linker-network.me 1 redirects
1 fonts.googleapis.com aurorashop.me
0 global.ib-ibi.com Failed c1.adform.net
105 66
Subject Issuer Validity Valid
aurorashop.me
R3
2023-01-12 -
2023-04-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-15 -
2023-11-15
a year crt.sh
gtag-analytics.com
R3
2023-01-27 -
2023-04-27
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-28 -
2023-05-28
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.seadform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-20 -
2023-11-09
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-15
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-14 -
2023-06-16
a year crt.sh
eyeota.net
GoGetSSL RSA DV CA
2022-03-18 -
2023-03-18
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-20 -
2023-10-19
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.userreport.com
Amazon
2022-12-20 -
2024-01-18
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
teads.tv
R3
2023-01-20 -
2023-04-20
3 months crt.sh
sync.1dmp.io
R3
2023-01-31 -
2023-05-01
3 months crt.sh
s.ad.smaato.net
Amazon
2022-08-22 -
2023-09-20
a year crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA
2022-05-31 -
2023-06-04
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2022-05-18 -
2023-06-19
a year crt.sh

This page contains 5 frames:

Primary Page: https://aurorashop.me/pub/
Frame ID: D960A3E680E7BE997CD07BB970C43414
Requests: 55 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Frame ID: DE78A748567FCD641D67823AE1C38ED3
Requests: 46 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63b77dcd282/css/min-widget.css
Frame ID: 838E35B6EA82C5B2526B15D5E34BF65C
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63b77dcd282/css/message-preview.css
Frame ID: B8BA4237BB886B9D6A622B09EE3F9194
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63b77dcd282/css/max-widget.css
Frame ID: A816F7732E0D28FA631CCBCACD5BB833
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Aurora

Detected technologies

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

105
Requests

73 %
HTTPS

18 %
IPv6

54
Domains

66
Subdomains

46
IPs

11
Countries

1361 kB
Transfer

2529 kB
Size

81
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://linker-network.me/m.php?campaign=26 HTTP 301
  • https://d.linker-network.me/m?campaign=26
Request Chain 32
  • https://track.adform.net/Serving/TrackPoint/?pm=2491916&ADFdivider=%7C&ord=65783867511&ADFtpmode=2&loc=https%3A%2F%2Faurorashop.me%2Fpub%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2491916&ADFdivider=%7C&ord=65783867511&ADFtpmode=2&loc=https%3A%2F%2Faurorashop.me%2Fpub%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 37
  • https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2879649147775647626&Expiration=1676936199 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2879649147775647626&Expiration=1676936199
Request Chain 40
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2879649147775647626&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2879649147775647626&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=1e9b5c7749e340a5894df13c490808ae HTTP 307
  • https://c1.adform.net/serving/cookie/match?party=9&uid=11320b91959e69f38551a425f5a57de9c7594326211ed2736922caee42bfe2b5
Request Chain 42
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=2879649147775647626&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=2879649147775647626&_origin=1&verify=true
Request Chain 44
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2879649147775647626 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2879649147775647626 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=7610acfe-21c9-4918-aa9e-1c3ceaf6f806&_origin=1&gdpr=&gdpr_consent=
Request Chain 45
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2879649147775647626&expiration=1676936199 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2879649147775647626&expiration=1676936199&C=1
Request Chain 46
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2879649147775647626&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2879649147775647626&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=2879649147775647626&gdpr=&sInitiator=external HTTP 302
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal HTTP 302
  • https://se.semasio.net/sync/1/14876172?sExtCookieId=ff4063e1-8f09-4a00-bde6-5f2bf20543da&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=5165537558935018240&sInitiator=internal&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Q0FFMEQ2MDZDRTQ2MjU5Ng&gdpr= HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEM4tU5kvqrIcChYM1KfrCsM&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEM4tU5kvqrIcChYM1KfrCsM&sInitiator=internal&google_cver=1&gdpr= HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7197190944047495317&sInitiator=internal&gdpr=
Request Chain 48
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2879649147775647626 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2879649147775647626&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 53
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 54
  • https://pixel.onaudience.com/?mapped=2879649147775647626&partner=68 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 55
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2879649147775647626 HTTP 302
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12023020623f380e47161622cfa452&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=7b1821300b93a2ebd5ab5c1a8d2b53b5 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12023020623f380e47161622cfa452&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=7b1821300b93a2ebd5ab5c1a8d2b53b5&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzAyMDYyM2YzODBlNDcxNjE2MjJjZmE0NTI&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEKObWk6qgy4mZVO2HHXHBAg&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM12023020623f380e47161622cfa452 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2879649147775647626 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
  • https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7197190944047102101 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7197190944047102101
Request Chain 57
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=Mjg3OTY0OTE0Nzc3NTY0NzYyNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=Mjg3OTY0OTE0Nzc3NTY0NzYyNg&google_tc= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH2nxt0gW5eeDsoXQcKZohs&google_cver=1&google_ula=1641347,0
Request Chain 58
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=5165537558935018240&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=2879649147775647626
Request Chain 62
  • https://a.audrte.com/a?adform_uid=2879649147775647626 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEK9qTrDBxDkFM5bOOBoRk_k&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 63
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2879649147775647626&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2879649147775647626&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=40283158060083617780522779198308669477&noredirect=1
Request Chain 64
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2879649147775647626 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217013104419004512851
Request Chain 65
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7197190944047495317
Request Chain 67
  • https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1066&cid=a9b163e1-8f09-4300-b802-f38f94b4addf
Request Chain 68
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=kJb5R5h51Ppb2o5
Request Chain 72
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4129251239 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=jfpCT7/TT8Rqt..VtCkLB.
Request Chain 76
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2879649147775647626&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2879649147775647626&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=2007&cid=b9191f4c-1961-4034-800f-ecf7096dadc4

105 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
aurorashop.me/pub/
93 KB
20 KB
Document
General
Full URL
https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
3785ddf53741ec93044f6ce009b75e08c61f3d97425f2431548b06ed707799dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Feb 2023 23:36:36 GMT
Expires
Sun, 06 Feb 2022 23:36:37 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
Transfer-Encoding
chunked
Vary
Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Magento-Tags
FPC
X-Powered-By
PHP/7.2.34
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
d5f69138af790b549fca4246e10834b0.min.css
aurorashop.me/static/_cache/merged/
0
0

styles-l.min.css
aurorashop.me/static/frontend/Alkemy/custom/sr_Latn_RS/css/
0
0

css2
fonts.googleapis.com/
2 KB
918 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Pacifico
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6b8429f9ba44b320c4acee489b17d479b37401527a6a83746637c99385c3bd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Feb 2023 23:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 23:36:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Feb 2023 23:36:38 GMT
blocks.min.css
aurorashop.me/media/mgs/fbuilder/css/
0
0

fbuilder_config.min.css
aurorashop.me/media/mgs/fbuilder/css/1/
0
0

logo__default.svg
aurorashop.me/pub/media/logos/
5 KB
2 KB
Image
General
Full URL
https://aurorashop.me/pub/media/logos/logo__default.svg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /
Resource Hash
16226ca0fc6b78b11d8f494ad5a1b4aed03f1884d31e63fd77b7613433fc9c88
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 17:07:31 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag
"1401-5bc03f42bfac0-gzip"
Vary
Accept-Encoding,User-Agent
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1923
Expires
Tue, 06 Feb 2024 23:36:38 GMT
logo__coin_casa.svg
aurorashop.me/pub/media/logos/
8 KB
3 KB
Image
General
Full URL
https://aurorashop.me/pub/media/logos/logo__coin_casa.svg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /
Resource Hash
60f4bb81892f1fdcb30694ce88dcba9a60cf1fedb567aec9aade76bf2f2680b6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 17:07:31 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag
"1f02-5bc03f42bfac0-gzip"
Vary
Accept-Encoding,User-Agent
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3047
Expires
Tue, 06 Feb 2024 23:36:38 GMT
logo__geox.svg
aurorashop.me/pub/media/logos/
1 KB
1 KB
Image
General
Full URL
https://aurorashop.me/pub/media/logos/logo__geox.svg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /
Resource Hash
bcbf04e3de6bfb296b7a18553cfacf235d1877f664716788efb4fcc86575122d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 09:51:44 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag
"4f3-5b96604ed0c00-gzip"
Vary
Accept-Encoding,User-Agent
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
659
Expires
Tue, 06 Feb 2024 23:36:38 GMT
logo__ovs.svg
aurorashop.me/pub/media/logos/
4 KB
3 KB
Image
General
Full URL
https://aurorashop.me/pub/media/logos/logo__ovs.svg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /
Resource Hash
4c00f29765eff46ea4bc98a36a3e3f1dc1b7b064af3f0efad4647da618292d27
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 09:51:44 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag
"11c6-5b96604ed0c00-gzip"
Vary
Accept-Encoding,User-Agent
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2098
Expires
Tue, 06 Feb 2024 23:36:38 GMT
logo.svg
aurorashop.me/static/frontend/Alkemy/custom/sr_Latn_RS/images/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/static/frontend/Alkemy/custom/sr_Latn_RS/images/logo.svg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
3b6bc2546282301b0b2e783098ba96668954090a65014f592172a1a5778aeabe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=96
Expires
Sun, 06 Feb 2022 23:36:38 GMT
piazza_italia_1200x628_1.jpg
aurorashop.me/media/mgs_blog/p/i/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/mgs_blog/p/i/piazza_italia_1200x628_1.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
424c9f33502d2baf132bf7213e3b5fd188539a0351d5370c33ee1a91491e4991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=100
Expires
Sun, 06 Feb 2022 23:36:40 GMT
images_1200x628_1.jpg
aurorashop.me/media/mgs_blog/i/m/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/mgs_blog/i/m/images_1200x628_1.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
1ef363a941f6c12bbc3a322e4ac30a38a1f924428efac2d44f420db5d598195a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=100
Expires
Sun, 06 Feb 2022 23:36:40 GMT
jeans_1200x628_1.jpg
aurorashop.me/media/mgs_blog/j/e/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/mgs_blog/j/e/jeans_1200x628_1.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
0639c443fa87c56f36c3614196687ac1c4f2d1bfa340be4a9f9095dbf834bea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=95
Expires
Sun, 06 Feb 2022 23:36:40 GMT
geox_1200x628px_1.jpg
aurorashop.me/media/mgs_blog/g/e/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/mgs_blog/g/e/geox_1200x628px_1.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
5d1f170f45d8d0b63f7af2e90a3f46949868553c50686389cab31a3056748537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=100
Expires
Sun, 06 Feb 2022 23:36:40 GMT
innovative-banner-1200x628_1.jpg
aurorashop.me/media/mgs_blog/i/n/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/mgs_blog/i/n/innovative-banner-1200x628_1.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
933505a903f6a382f5871a3c40d1e32be584ed997835431ec2cccdccc801996c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=100
Expires
Sun, 06 Feb 2022 23:36:40 GMT
hero-banner-1200x628_1.jpg
aurorashop.me/media/mgs_blog/h/e/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/mgs_blog/h/e/hero-banner-1200x628_1.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
48fe773b169c7d35aceca2f8ce8be53d9ab62a69f6a2cf11dccb896c29574b74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=100
Expires
Sun, 06 Feb 2022 23:36:40 GMT
m
d.linker-network.me/
Redirect Chain
  • https://linker-network.me/m.php?campaign=26
  • https://d.linker-network.me/m?campaign=26
42 B
472 B
Image
General
Full URL
https://d.linker-network.me/m?campaign=26
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
H2
Server
2606:4700:3036::ac43:c962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-ratelimit-remaining
59
x-frame-options
SAMEORIGIN
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spPzBSFFQqPPh0dvI1yveOspDQlpW7S4S9szymT%2Bwhkr5SdDXj8iiyfo89PcLUq6FcFm2J9ImKWbxVKD6yi4iEXcATpi2AAps4wbDQebCSjQxi4of7oMnD3OexnPBVYmJ%2BhiBvEBspjzzHb7fkGf18im"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
x-ratelimit-limit
60
cf-ray
7957b5862f612c3b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 06 Feb 2023 23:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiHA0MxtoJ1etWyNStq8gZHSyCGjzIUH2SCaPVChRU2mpcZBPQkCbJfaOW%2BL6f7CuyngWFfBUL%2BVbTKNUKlut5VaTep%2Bi%2BJL5wL5ZqFGm9QfMbnz9%2B3DALJufivrq6SpNFtpmOd%2Fjn3cm%2F%2BVHlUUqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://d.linker-network.me/m?campaign=26
access-control-allow-origin
*
cf-ray
7957b585ef2e2c3b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
71b0d3082b535561aa2ac8f7f1c0a21e.min.js
aurorashop.me/static/_cache/merged/
0
0
Script
General
Full URL
https://aurorashop.me/static/_cache/merged/71b0d3082b535561aa2ac8f7f1c0a21e.min.js
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=100
Expires
Sun, 06 Feb 2022 23:36:38 GMT
js
www.googletagmanager.com/gtag/
218 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GN48C90Y6E
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b602dd0d0fcb5724253a9f550ca8a88c92e03adf93a10995df676ec31390941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78030
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Feb 2023 23:36:38 GMT
895a3e79b38bd2afec392d0c2.js
chimpstatic.com/mcjs-connected/js/users/9a8c023135681c6f9375a2c54/
2 KB
1 KB
Script
General
Full URL
https://chimpstatic.com/mcjs-connected/js/users/9a8c023135681c6f9375a2c54/895a3e79b38bd2afec392d0c2.js
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.160.100 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-160-100.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
100
Date
Mon, 06 Feb 2023 23:36:38 GMT
Content-Encoding
gzip
x-amz-request-id
3Z6N72MW7PTSZBKC
X-EdgeConnect-MidMile-RTT
0
Connection
keep-alive
Content-Length
653
x-amz-id-2
bv9YI+Rexd82QChv0CYJAFwc8Diz0jjdUzVtPyB+ZqDQyfOGIyRmsmawJ0Xw90hhXOf623mxjoA=
Last-Modified
Thu, 22 Oct 2020 09:45:30 GMT
Server
AmazonS3
ETag
"4b60d3ea13c42468679685c32a1680ac"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1242
Accept-Ranges
bytes
Expires
Mon, 06 Feb 2023 23:57:20 GMT
print.min.css
aurorashop.me/static/frontend/Alkemy/custom/sr_Latn_RS/css/
0
0

aurora-nvl-bkg.jpg
aurorashop.me/pub/media/mgs/fbuilder/backgrounds/a/u/
41 KB
41 KB
Image
General
Full URL
https://aurorashop.me/pub/media/mgs/fbuilder/backgrounds/a/u/aurora-nvl-bkg.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /
Resource Hash
66fe1e9b520ac8fb1e26d20219ef4293a55531bec6a0a1487a2ae97dc87710f6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:40 GMT
Last-Modified
Sun, 18 Apr 2021 19:47:07 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
ETag
"a296-5c0447a60dce6"
Vary
User-Agent
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
41622
Expires
Tue, 06 Feb 2024 23:36:40 GMT
Aurora_Coincasa.jpg
aurorashop.me/media/wysiwyg/slider/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/wysiwyg/slider/Aurora_Coincasa.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
1273530fcad63cbf654f3f712b7e974dbdecfa30820090e49e58baafb7cc3cd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=93
Expires
Sun, 06 Feb 2022 23:36:41 GMT
Aurora_OVS.jpg
aurorashop.me/media/wysiwyg/slider/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/wysiwyg/slider/Aurora_OVS.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
30d1d99ac8d74eba3bee6f3826d5e7acf4e8cd3e3d89cd2449d0ba0d80835062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=99
Expires
Sun, 06 Feb 2022 23:36:41 GMT
Aurora_Geox.jpg
aurorashop.me/media/wysiwyg/slider/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/wysiwyg/slider/Aurora_Geox.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
749aca31b35a33e122ab40784198fbc3fbd382b6679b035146830cec44d34830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=99
Expires
Sun, 06 Feb 2022 23:36:41 GMT
script.js
gtag-analytics.com/analytics/65526/
7 KB
7 KB
Script
General
Full URL
https://gtag-analytics.com/analytics/65526/script.js?key=01031b
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.142.238.77 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-77.238.142.185.in-addr.arpa
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9ef8e41e16e09eed0a83517d15069fe7a9ed88c3a2c591fb790b20c50bb6f80d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:39 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
6833
Content-Type
text/javascript; charset=utf-8
trackpoint-async.js
s2.adform.net/banners/scripts/st/
78 KB
30 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:39 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 10:23:25 GMT
server
nginx
x-amz-request-id
tx0000062cf0e7d8446165f-006385e0d3-329354d9-default
etag
W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
1eqd1tf8m
embed.tawk.to/5fe5eb31a8a254155ab648f0/
2 KB
943 B
Script
General
Full URL
https://embed.tawk.to/5fe5eb31a8a254155ab648f0/1eqd1tf8m
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f59c8b7d0f32d47eec103dde9d7a3407f173e8b201ac448322ad3ed87d738a44
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aurorashop.me/
Origin
https://aurorashop.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:39 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
server
cloudflare
etag
W/"stable-v4-63b77dcd282"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
7957b58e9ed135ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-188872822-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GN48C90Y6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ed90e0598a9e2ba01317b20cc8c1fdd420aed9fceac86fd5c2f86a138040604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43913
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 22:22:06 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Feb 2023 23:36:39 GMT
collect
region1.google-analytics.com/g/
0
252 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GN48C90Y6E&gtm=45je3210&_p=840050176&cid=1181266948.1675726599&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675726599&sct=1&seg=0&dl=https%3A%2F%2Faurorashop.me%2Fpub%2F&dt=Aurora&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GN48C90Y6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aurorashop.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-188872822-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 23:12:08 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1471
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 07 Feb 2023 01:12:08 GMT
collect
www.google-analytics.com/j/
2 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=840050176&t=pageview&_s=1&dl=https%3A%2F%2Faurorashop.me%2Fpub%2F&ul=en-us&de=UTF-8&dt=Aurora&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2092842790&gjid=1118652875&cid=1181266948.1675726599&tid=UA-188872822-1&_gid=1540865751.1675726600&_r=1&gtm=457e3210&z=1371104344
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://aurorashop.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aurorashop.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=2491916&ADFdivider=%7C&ord=65783867511&ADFtpmode=2&loc=https%3A%2F%2Faurorashop.me%2Fpub%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2491916&ADFdivider=%7C&ord=65783867511&ADFtpmode=2&loc=https%3A%2F%2Faurorashop.me%2Fpub%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
845 B
1 KB
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2491916&ADFdivider=%7C&ord=65783867511&ADFtpmode=2&loc=https%3A%2F%2Faurorashop.me%2Fpub%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
be88ee0d27192155d79954af5710e5724389dd9950b356f3e10b083a2d31e14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
684
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html; charset=utf-8
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2491916&ADFdivider=%7C&ord=65783867511&ADFtpmode=2&loc=https%3A%2F%2Faurorashop.me%2Fpub%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
collect
stats.g.doubleclick.net/j/
1 B
344 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-188872822-1&cid=1181266948.1675726599&jid=2092842790&gjid=1118652875&_gid=1540865751.1675726600&_u=YADAAUAAAAAAACAAI~&z=607508020
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aurorashop.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 06 Feb 2023 23:36:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aurorashop.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixels
c1.adform.net/imatch/ Frame DE78
5 KB
2 KB
Document
General
Full URL
https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Requested by
Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=2491916&ADFdivider=%7C&ord=65783867511&ADFtpmode=2&loc=https%3A%2F%2Faurorashop.me%2Fpub%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
778ae0a921a0d5fd4cf2966ae33dae5ac550f563dd86323671ac5391bfe67e55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aurorashop.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Feb 2023 23:36:39 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
server.seadform.net/serving/cookie/sync/
35 B
344 B
Image
General
Full URL
https://server.seadform.net/serving/cookie/sync/?uid=2879649147775647626&stamp=GEwSVCkB5c0DvP-67D9Y4w2
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Feb 2023 23:36:39 GMT
cache-control
private
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
plf
c1.adform.net/imatch/ Frame DE78
0
261 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ul_cb/ Frame DE78
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2879649147775647626&Expiration=1676936199
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2879649147775647626&Expiration=1676936199
43 B
425 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2879649147775647626&Expiration=1676936199
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
35.158.48.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-48-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Feb 2023 23:36:40 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2879649147775647626&Expiration=1676936199
date
Mon, 06 Feb 2023 23:36:39 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame DE78
0
525 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.32.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-32-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 23:36:39 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sun, 05 Feb 2023 23:36:39 GMT
token
token.rubiconproject.com/ Frame DE78
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame DE78
Redirect Chain
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2879649147775647626&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2879649147775647626&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=1e9b5c7749e340a58...
  • https://c1.adform.net/serving/cookie/match?party=9&uid=11320b91959e69f38551a425f5a57de9c7594326211ed2736922caee42bfe2b5
35 B
477 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=9&uid=11320b91959e69f38551a425f5a57de9c7594326211ed2736922caee42bfe2b5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://c1.adform.net/serving/cookie/match?party=9&uid=11320b91959e69f38551a425f5a57de9c7594326211ed2736922caee42bfe2b5
date
Mon, 06 Feb 2023 23:36:39 GMT
content-length
0
p3p
CP=NOI PSA OUR
/
rtb-csync.smartadserver.com/redir/ Frame DE78
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2879649147775647626&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.146 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:39 GMT
transfer-encoding
chunked
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/55944/ Frame DE78
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=2879649147775647626&_origin=1
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=2879649147775647626&_origin=1&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2879649147775647626&_origin=1&verify=true
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2879649147775647626&_origin=1&verify=true
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame DE78
43 B
682 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.19 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-19.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 23:36:40 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1675726600108037-404
Expires
Mon, 06 Feb 2023 23:36:40 GMT
sync
ups.analytics.yahoo.com/ups/55859/ Frame DE78
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2879649147775647626
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2879649147775647626
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=7610acfe-21c9-4918-aa9e-1c3ceaf6f806&_origin=1&gdpr=&gdpr_consent=
0
132 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55859/sync?uid=7610acfe-21c9-4918-aa9e-1c3ceaf6f806&_origin=1&gdpr=&gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
//ups.analytics.yahoo.com/ups/55859/sync?uid=7610acfe-21c9-4918-aa9e-1c3ceaf6f806&_origin=1&gdpr=&gdpr_consent=
date
Mon, 06 Feb 2023 23:36:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rum
dsum-sec.casalemedia.com/ Frame DE78
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2879649147775647626&expiration=1676936199
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2879649147775647626&expiration=1676936199&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2879649147775647626&expiration=1676936199&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 23:36:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 23:36:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=111&external_user_id=2879649147775647626&expiration=1676936199&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
647471
se.semasio.net/sync/1/ Frame DE78
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2879649147775647626&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2879649147775647626&sInitiator=external
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=2879649147775647626&gdpr=&sInitiator=external
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
  • https://se.semasio.net/sync/1/14876172?sExtCookieId=ff4063e1-8f09-4a00-bde6-5f2bf20543da&sInitiator=internal&gdpr=&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=5165537558935018240&sInitiator=internal&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Q0FFMEQ2MDZDRTQ2MjU5Ng&gdpr=
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEM4tU5kvqrIcChYM1KfrCsM&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEM4tU5kvqrIcChYM1KfrCsM&sInitiator=internal&google_cver=1&gdpr=
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7197190944047495317&sInitiator=internal&gdpr=
0
415 B
Image
General
Full URL
https://se.semasio.net/sync/1/647471?sExtCookieId=7197190944047495317&sInitiator=internal&gdpr=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:46 GMT
uip-status
Ok
frontend-id
04
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Location
https://se.semasio.net/sync/1/647471?sExtCookieId=7197190944047495317&sInitiator=internal&gdpr=
Date
Mon, 06 Feb 2023 23:36:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
match
ps.eyeota.net/ Frame DE78
0
344 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=2879649147775647626&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:39 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel.gif
load77.exelator.com/ Frame DE78
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2879649147775647626
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2879649147775647626&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
342 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-nzt
Abm0DAb2oSb/iIwDAA
x-accel-expires
@1676530816
date
Mon, 06 Feb 2023 23:36:40 GMT
x-77-pop
viennaAT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-77-nzt-ray
fefc880d30153b23088fe1639ff26015
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-77-cache
HIT
x-age
232584
accept-ranges
bytes
content-length
43

Redirect headers

date
Mon, 06 Feb 2023 23:36:40 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
398366.gif
idsync.rlcdn.com/ Frame DE78
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/398366.gif?partner_uid=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2879649147775647626/gdpr=/ Frame DE78
49 B
266 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2879649147775647626/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.53.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-53-119.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.27.208
content-length
49
expires
0
29729
tags.bluekai.com/site/ Frame DE78
62 B
227 B
Image
General
Full URL
https://tags.bluekai.com/site/29729?id=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 06 Feb 2023 23:36:40 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame DE78
43 B
273 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame DE78
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Server
52.218.30.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:41 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
ZTAZRCC01VZ7QW2H
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
cuZsqwziYkNw6/sUfBqyKXEZBG7NCapX4HEk6SPQKSHnKu3yShreUcdwnKt2frpSJlE+Zvi/h2o=

Redirect headers

X-Error-Reason
Missing UserId
Date
Mon, 06 Feb 2023 23:36:40 GMT
Server
akka-http/10.2.10
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
generic
match.adsrvr.org/track/cmf/ Frame DE78
Redirect Chain
  • https://pixel.onaudience.com/?mapped=2879649147775647626&partner=68
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
/
cm.adsafety.net/ Frame DE78
Redirect Chain
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2879649147775647626
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12023020623f380e47161622cfa452&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=7b1821300b93a2ebd5ab5c1a8d2b53b5
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12023020623f380e47161622cfa452&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=7b1821300b93a2ebd5ab5c1a8d2b53b5&idt_did_status=added&gdpr_consent=&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzAyMDYyM2YzODBlNDcxNjE2MjJjZmE0NTI&gdpr_consent=&gdpr=0
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEKObWk6qgy4mZVO2HHXHBAg&gdpr_consent=&gdpr=0&google_cver=1
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM12023020623f380e47161622cfa452
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2879649147775647626
  • https://dsp.adfarm1.adition.com/cookie/?ssp=6
  • https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7197190944047102101
  • https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7197190944047102101
43 B
2 KB
Image
General
Full URL
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7197190944047102101
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Server
139.162.145.200 Frankfurt am Main, Germany, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
li1412-200.members.linode.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 23:36:40 GMT
Last-Modified
Mon, 06 Feb 2023 23:36:40 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7197190944047102101
Date
Mon, 06 Feb 2023 23:36:40 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Transfer-Encoding
chunked
Content-Type
text/html
usermatch.gif
beacon.krxd.net/ Frame DE78
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.101.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-101-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by
beacon-n018-dub-prod.krxd.net
date
Mon, 06 Feb 2023 23:36:40 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1675726600
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
c1.adform.net/serving/cookie/match/ Frame DE78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=Mjg3OTY0OTE0Nzc3NTY0NzYyNg
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=Mjg3OTY0OTE0Nzc3NTY0NzYyNg&google_tc=
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH2nxt0gW5eeDsoXQcKZohs&google_cver=1&google_ula=1641347,0
35 B
477 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH2nxt0gW5eeDsoXQcKZohs&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH2nxt0gW5eeDsoXQcKZohs&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
secure.adnxs.com/ Frame DE78
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
  • https://c1.adform.net/serving/cookie/match?party=3&id=5165537558935018240&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=2879649147775647626
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=91&code=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 23:36:40 GMT
AN-X-Request-Uuid
3de8eb0b-f56a-4550-8b6e-4d5471fcd8af
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.31; 217.64.151.31; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=2879649147775647626
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
plf
c1.adform.net/imatch/ Frame DE78
0
261 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
Pug
simage2.pubmatic.com/AdServer/ Frame DE78
42 B
448 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 06 Feb 2023 23:36:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame DE78
43 B
444 B
Image
General
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 01:19:34 GMT
Via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
FRA56-C1
Age
80226
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
JSFAvjsAPtvEb12-WFcSsLfNxG8ndCwO_-GFom27sKkpWGLwQ-L6lQ==
p
a.audrte.com/ Frame DE78
Redirect Chain
  • https://a.audrte.com/a?adform_uid=2879649147775647626
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEK9qTrDBxDkFM5bOOBoRk_k&google_cver=1
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Server
52.20.193.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-193-33.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 06 Feb 2023 23:36:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame DE78
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2879649147775647626&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2879649147775647626&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=40283158060083617780522779198308669477&noredirect=1
35 B
477 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=40283158060083617780522779198308669477&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

DCS
dcs-prod-irl1-2-v045-0492369ce.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
BCiTeQo3To4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://c1.adform.net/serving/cookie/match?party=1007&cid=40283158060083617780522779198308669477&noredirect=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame DE78
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2879649147775647626
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217013104419004512851
35 B
468 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217013104419004512851
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217013104419004512851
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame DE78
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7197190944047495317
35 B
468 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7197190944047495317
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7197190944047495317
Date
Mon, 06 Feb 2023 23:36:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame DE78
62 B
439 B
Image
General
Full URL
https://tags.bluekai.com/site/33302?id=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 06 Feb 2023 23:36:40 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame DE78
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
  • https://c1.adform.net/serving/cookie/match?party=1066&cid=a9b163e1-8f09-4300-b802-f38f94b4addf
35 B
468 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1066&cid=a9b163e1-8f09-4300-b802-f38f94b4addf
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Date
Mon, 06 Feb 2023 23:36:40 GMT
Server
MT3 441 9053ffc master zrh-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://c1.adform.net/serving/cookie/match?party=1066&cid=a9b163e1-8f09-4300-b802-f38f94b4addf
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 06 Feb 2023 23:36:39 GMT
match
c1.adform.net/serving/cookie/ Frame DE78
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=kJb5R5h51Ppb2o5
35 B
468 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=kJb5R5h51Ppb2o5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Mon, 06 Feb 2023 23:36:39 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/d601d38#rel-ec2-master i-02d4862961d254dec@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=kJb5R5h51Ppb2o5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame DE78
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
image.sbmx
global.ib-ibi.com/ Frame DE78
0
0

0.gif
id5-sync.com/s/10/ Frame DE78
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/10/0.gif?puid=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
/
dmp.adform.net/serving/cookie/match/ Frame DE78
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4129251239
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=jfpCT7/TT8Rqt..VtCkLB.
35 B
477 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=jfpCT7/TT8Rqt..VtCkLB.
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:39 GMT
via
1.1 google
last-modified
Mon, 06 Feb 2023 23:36:40 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=jfpCT7/TT8Rqt..VtCkLB.
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame DE78
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=119&uid=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Mon, 06 Feb 2023 23:36:40 GMT
pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
pixel.gif
sync.1dmp.io/ Frame DE78
12 B
155 B
Image
General
Full URL
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software
elb /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:40 GMT
last-modified
Mon, 30 Jan 2023 18:57:34 GMT
server
elb
accept-ranges
bytes
etag
"63d8131e-c"
content-length
12
content-type
text/html
/
s.ad.smaato.net/c/ Frame DE78
0
241 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:40 GMT
cache-control
no-cache, must-revalidate
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
TCQwQKJcAg7SjNb3Nb9_XpWU1q_PLFP4g6a8nqJ4Jf_q68CLxt57WA==
x-cache
FunctionGeneratedResponse from cloudfront
match
c1.adform.net/serving/cookie/ Frame DE78
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2879649147775647626&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2879649147775647626&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
  • https://c1.adform.net/serving/cookie/match?party=2007&cid=b9191f4c-1961-4034-800f-ecf7096dadc4
35 B
468 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=2007&cid=b9191f4c-1961-4034-800f-ecf7096dadc4
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

date
Mon, 06 Feb 2023 23:36:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://c1.adform.net/serving/cookie/match?party=2007&cid=b9191f4c-1961-4034-800f-ecf7096dadc4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
2879649147775647626
match.contentexchange.me/adform/ Frame DE78
0
49 B
Image
General
Full URL
https://match.contentexchange.me/adform/2879649147775647626?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:40 GMT
content-length
0
server
nginx/1.16.1
xuid
eb2.3lift.com/ Frame DE78
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=2879649147775647626&dongle=AD20
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
put
e1.emxdgt.com/ Frame DE78
0
55 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d52&uid=2879649147775647626
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:40 GMT
content-length
0
content-type
text/html
plf
c1.adform.net/imatch/ Frame DE78
0
261 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2879649147775647626&agencyId=7632&advertiserId=2107926&src=tp&rnd=874055
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
Aurora_Piazza_Italia.jpg
aurorashop.me/media/wysiwyg/slider/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/wysiwyg/slider/Aurora_Piazza_Italia.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
25700ed0db39ad8a5ab3f8d24cb5dcee020c6e873e16365757adf8ac9e411a25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=92
Expires
Sun, 06 Feb 2022 23:36:42 GMT
Aurora_Samsonite.jpg
aurorashop.me/media/wysiwyg/slider/
71 KB
71 KB
Image
General
Full URL
https://aurorashop.me/media/wysiwyg/slider/Aurora_Samsonite.jpg
Requested by
Host: aurorashop.me
URL: https://aurorashop.me/pub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.136.91.32 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m4s7.logate.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
c28810ae59402b0aa787a72980fba02a7b2ffe5beae625d5eddb9e6e0e281908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/pub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 23:36:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Status
404 File not found
X-Magento-Tags
FPC
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, no-cache, no-store
Keep-Alive
timeout=5, max=98
Expires
Sun, 06 Feb 2022 23:36:42 GMT
twk-main.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
121 B
182 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fe5eb31a8a254155ab648f0/1eqd1tf8m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aurorashop.me/
Origin
https://aurorashop.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:42 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
content-encoding
br
etag
W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status
HIT
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b59c596835ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-vendor.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
76 KB
27 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fe5eb31a8a254155ab648f0/1eqd1tf8m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aurorashop.me/
Origin
https://aurorashop.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:42 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
content-encoding
br
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
x-cache-status
HIT
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b59c596935ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
206 KB
61 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fe5eb31a8a254155ab648f0/1eqd1tf8m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aurorashop.me/
Origin
https://aurorashop.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:41 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
content-encoding
br
etag
W/"70dac54eca3bb2143032bc4db3237623"
x-cache-status
HIT
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b59c596b35ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-chunk-common.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
192 KB
40 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fe5eb31a8a254155ab648f0/1eqd1tf8m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e76be61057b7d805440ba2693d2c357f9a828fa8bda74170b9ac70b58af626d7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aurorashop.me/
Origin
https://aurorashop.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:42 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
content-encoding
br
etag
W/"385105148a50079bafff97e9c9476109"
x-cache-status
HIT
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b59c596d35ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-runtime.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fe5eb31a8a254155ab648f0/1eqd1tf8m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da3edd648fc579bc07c4b1b1bb3ba1e8258ae308049a311e5966464295eb0e51
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aurorashop.me/
Origin
https://aurorashop.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:41 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
content-encoding
br
etag
W/"de21d01e9f8b6cc35ea67267d0ba80ec"
x-cache-status
HIT
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b59c596e35ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-app.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
151 B
206 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fe5eb31a8a254155ab648f0/1eqd1tf8m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aurorashop.me/
Origin
https://aurorashop.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:42 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
content-encoding
br
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status
HIT
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b59c596f35ec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget-settings
va.tawk.to/v1/
2 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5fe5eb31a8a254155ab648f0&widgetId=1eqd1tf8m&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b58b84bc84a1eaff8a559497f1f12bbb34a96cb1b8fada6108d512d759ac053
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:42 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-mp4c
server
cloudflare
etag
W/"2-65-0"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
7957b5a06c5235ec-FRA
access-control-allow-headers
content-type,x-tawk-token
start
va.tawk.to/v1/session/
1 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000ecd3c2d67facb8ed23ea51fbcef2683310e9b43747ca5b70e90e9952bf395
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aurorashop.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://aurorashop.me
access-control-allow-credentials
true
cf-ray
7957b5a148053666-FRA
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-dkm9
start
va.tawk.to/v1/session/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://aurorashop.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://aurorashop.me
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7957b5a06c5135ec-FRA
date
Mon, 06 Feb 2023 23:36:42 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-v2b4
sr_cs.js
embed.tawk.to/_s/v4/app/63b77dcd282/languages/
17 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/languages/sr_cs.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69ea3d1ee52be208b4423adb3e91db88995ccaaf9081d96d19f7cd6d12565e9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:42 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
496525
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"ba88ffe41c1fa5f0b568375efff4e237"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a1480a3666-FRA
twk-chunk-2c78ba82.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
7 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
498052
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"fac25ff2d2c405e1ac7e156dca1f819c"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a6ac3a3666-FRA
twk-chunk-696bc286.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
16 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3bbf1d795232665eceff33610ed6876b9d83db71364782c2d9bbe26a1753ae9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
498052
x-cache-status
STALE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"2aa8e4d8fcf9760a324a8b2e7902f6ca"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a6ac3b3666-FRA
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
15 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87e512de8c063410a12ffdd7c34124de2dade5a644ed49bb66213ca3e26dde4b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
498052
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"d9f3d1c4504d77c3e7c2e3e2f126fd9b"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a6ac3c3666-FRA
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
942 B
733 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
290965
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"5f434bdd806571a4e1b385bee9316ff6"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a6bc3d3666-FRA
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
546 B
624 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
498052
x-cache-status
STALE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"09c3819d373bd4178a620d721429fada"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a6bc3f3666-FRA
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
11 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
498052
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"a92075fd9ac5ba130387a80453676099"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a6bc423666-FRA
twk-chunk-32507910.js
embed.tawk.to/_s/v4/app/63b77dcd282/js/
73 KB
16 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5545096f7c7a5c5b9e151ed1127b929098806899b9f910e547f3cbcbbbdcfc7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
498051
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"b931365947ecaea657544f82994716af"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a6bc443666-FRA
min-widget.css
embed.tawk.to/_s/v4/app/63b77dcd282/css/ Frame 838E
24 KB
5 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
498051
cf-polished
origSize=24960
x-cache-status
STALE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"80df9814fe6b98404ccc1df3c455ceaa"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a6dc623666-FRA
message-preview.css
embed.tawk.to/_s/v4/app/63b77dcd282/css/ Frame B8BA
37 KB
8 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
498051
cf-polished
origSize=38268
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"949ecc85ac578750ec9a03e5680f7b0e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a6fc773666-FRA
max-widget.css
embed.tawk.to/_s/v4/app/63b77dcd282/css/ Frame A816
74 KB
14 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/63b77dcd282/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
498051
cf-polished
origSize=75771
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 06 Jan 2023 01:49:34 GMT
server
cloudflare
etag
W/"0158db159e8967dbda5865ed6b2e435d"
vary
X-Goog-Allowed-Resources, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
7957b5a71c8b3666-FRA
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
39 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurorashop.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 23:36:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
496115
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19144-FRA, cache-yyz4538-YYZ
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkMMwqXQslxnZn%2B%2FL3rhOClybHBQVTU%2FcenR4gS69vVU2Q8Edr%2BHc%2B5O2jN6arrKoidWIUUCqLnLzFIKnE2IEuRJ49TNw47nP5NT0FytJegt%2F3af6YKPQpKkwfurhPwIVgd6TIMwCAfVVeRxdI8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7957b5a75e713609-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aurorashop.me
URL
https://aurorashop.me/static/_cache/merged/d5f69138af790b549fca4246e10834b0.min.css
Domain
aurorashop.me
URL
https://aurorashop.me/static/frontend/Alkemy/custom/sr_Latn_RS/css/styles-l.min.css
Domain
aurorashop.me
URL
https://aurorashop.me/media/mgs/fbuilder/css/blocks.min.css
Domain
aurorashop.me
URL
https://aurorashop.me/media/mgs/fbuilder/css/1/fbuilder_config.min.css
Domain
aurorashop.me
URL
https://aurorashop.me/static/frontend/Alkemy/custom/sr_Latn_RS/css/print.min.css
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2879649147775647626

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange string| BASE_URL object| require string| WEB_URL_AJAX string| WEB_URL function| gtag object| dataLayer object| cookiesConfig function| setLocation object| _adftrack object| checkout object| authenticationPopup object| ajaxCartConfig function| toggleEl object| $_Tawk_API object| $_Tawk_LoadStart function| includeQuickviewAction boolean| isGdprCookieEnabled object| amCookieGroups object| google_tag_manager object| google_tag_data object| $mcSite function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga function| _gtag_manager object| gaplugins object| gaData object| Adform object| KJUR object| adf string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| Tawk_API object| emojione

81 Cookies

Domain/Path Name / Value
.aurorashop.me/ Name: PHPSESSID
Value: 35itkvesl20c79hnfc3umsgdgl
.linker-network.me/ Name: linker-26
Value: 1
.aurorashop.me/ Name: _ga_GN48C90Y6E
Value: GS1.1.1675726599.1.0.1675726599.0.0.0
.aurorashop.me/ Name: _ga
Value: GA1.2.1181266948.1675726599
.aurorashop.me/ Name: _gid
Value: GA1.2.1540865751.1675726600
.aurorashop.me/ Name: _gat_gtag_UA_188872822_1
Value: 1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 2879649147775647626
.adform.net/ Name: CM
Value: 1|1
.seadform.net/ Name: uid
Value: 2879649147775647626
.adform.net/ Name: CM14
Value: 1675812999_1675726599_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.adscale.de/ Name: uu
Value: 1e9b5c7749e340a5894df13c490808ae
.adscale.de/ Name: cct
Value: 1675726599901
.ih.adscale.de/ Name: tu
Value: 4#534220018#42~2879649147775647626~465479~0~0
.eyeota.net/ Name: SERVERID
Value: 24411~DM
.360yield.com/ Name: tuuid
Value: fb8aed18-6d03-4d32-9470-6eb2bc2610e5
.360yield.com/ Name: tuuid_lu
Value: 1675726599
.casalemedia.com/ Name: CMID
Value: Y.GPB0xmggkHcN2Y3DTAEgAA
.casalemedia.com/ Name: CMPS
Value: 1156
.casalemedia.com/ Name: CMPRO
Value: 1156
.360yield.com/ Name: um
Value: !42,VyvMbOsbG7UnaFelrXWc3UjOJbFqD5-4izmwvLIofyJs,1676936199
.360yield.com/ Name: umeh
Value: !42,0,1737934599,-1
.exelator.com/ Name: EE
Value: "5f2c2d458925007ac431b9b20334d619"
cm.adsafety.net/ Name: UID
Value: CM12023020623f380e47161622cfa452
.adsafety.net/ Name: cm_uid
Value: CM12023020623f380e47161622cfa452
.yahoo.com/ Name: A3
Value: d=AQABBAiP4WMCEN15MANKi6ewu_kbE_fI3xQFEgEBAQHg4mPrYwAAAAAA_eMAAA&S=AQAAAjggNfoiQazB8eAE4OK0EZc
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE0zSjZKMXE1MLSyNTAwDwx2cTYMMkyycjA2NgkxczQcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAckl%252BUWb6IhfXxUUpaQyLSopPBR8W6QYAX1MpMA%253D%253D"
.bidswitch.net/ Name: tuuid
Value: 7610acfe-21c9-4918-aa9e-1c3ceaf6f806
.bidswitch.net/ Name: c
Value: 1675726600
.bidswitch.net/ Name: tuuid_lu
Value: 1675726600
tags.adsafety.net/ Name: UID
Value: 7b1821300b93a2ebd5ab5c1a8d2b53b5
tags.adsafety.net/ Name: DID
Value: 7b1821300b93a2ebd5ab5c1a8d2b53b5
tags.adsafety.net/ Name: IDT
Value: 100
tags.adsafety.net/ Name: cookie_ver
Value: 2
tags.adsafety.net/ Name: block_reset
Value: 1
.adsafety.net/ Name: ct_uid
Value: 7b1821300b93a2ebd5ab5c1a8d2b53b5
.adsafety.net/ Name: ct_did
Value: 7b1821300b93a2ebd5ab5c1a8d2b53b5
.adsafety.net/ Name: ct_idt
Value: 100
cm.adsafety.net/ Name: permanent
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "1760~29un:173n~29un"
ads.smartstream.tv/ Name: DID
Value: 7b1821300b93a2ebd5ab5c1a8d2b53b5
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
ads.smartstream.tv/ Name: cm_uid
Value: CM12023020623f380e47161622cfa452
.semasio.net/ Name: SEUNCY
Value: CAE0D606CE462596
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 2879649147775647626
.ads.stickyadstv.com/ Name: UID
Value: de8ebbf7c2eae6541e2dea71cc32f5
.krxd.net/ Name: _kuid_
Value: PXT8Za-E
.doubleclick.net/ Name: IDE
Value: AHWqTUlzQMRosB-9zy-KpAVBk3xiX99FBey7hJFnL4-HvcWWxwgOK7GMrS_1YT3XqNA
.adnxs.com/ Name: uuid2
Value: 5165537558935018240
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2879649147775647626&KRTB&23263-2879649147775647626
.pubmatic.com/ Name: PugT
Value: 1675726600
.adnxs.com/ Name: anj
Value: dTM7k!M4/YD>6NRF']wIg2C$G>]?6K!@wnfH8K4YRH[@9=E'B(lx]Igif8vklycI)e<(W]=ZBr'lS*rhP(hw9P-HC_#tu#O(/UB/
.adfarm1.adition.com/ Name: UserID1
Value: 7197190944047495317
.onaudience.com/ Name: cookie
Value: 1edaa2b0490afcd7
.onaudience.com/ Name: done_redirects147
Value: 1
.agkn.com/ Name: ab
Value: 0001%3A%2BEjt8UKk%2BX1NzCKVHyASrh7ixQA1cwAP
.w55c.net/ Name: wfivefivec
Value: kJb5R5h51Ppb2o5
.w55c.net/ Name: matchadform
Value: 5
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.weborama.fr/ Name: AFFICHE_W
Value: ZMcpYTdsyT9k64
.mathtag.com/ Name: uuid
Value: a9b163e1-8f09-4300-b802-f38f94b4addf
.bluekai.com/ Name: bku
Value: aG/999iwTVmDZKzG
.bluekai.com/ Name: bkpa
Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwE/TBpAtBeAhBezlBpDtBezt1MRe9JbKYa1=
cm.adsafety.net/ Name: cache0
Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaOEVsYWVwRXBBQWxLWE1aWWR6Wi8zdzhDNkRVMFN1VnRFd1lvZ0xGOEJpYkl1emxZZnUvTU5Jc3FGaVJDVDJnOWMxZEIrK3hhL0pXU0RxaURNMUh6L0JOdXFqNmFTaHpLZkZmZUhZUWpJc21MMzNiVWQ5a3lFRXFnMDVkOGVqd1VxeTJMOURrWHVZYmVXdVBqZUcyNE1mek1oRitQQmVhREs2UWdZUXRVNkJLcWFKcTBKTVFuTEFMU1hQZktyWm1TMDNmRjUwTG4vYmdLVFZkaTJIOENsaFB4c1dHcFdHLzZQMGh6aG9iV1MvbEM0OHBJTmgrNGdRNkt1T1lxTWh2NDFtZ2d6dldoTlF4SGdmQnNYSzZucUdhZ2Q0T0JmaEZvQUZCQWVKdU5MWGtVWXpIaVY5QXhvMWJOZnQ1aCtIaUI4UEhCcndqTEtWdmttSXZGbHpFRDRvWFhhZzl1L3ptZHRvYlh4RkthbGlCRzl4R0VSRTdBS1VRUVE5Q0FPSEFXYzlZRGUwTnFaWVJtN01sM2JtRjZRU3Y0VmdMcC9hbWpnT1VMdktaWGNTR2hvMzE4dUxodmRTWlpKd1o3Q1o0YWhDaHIwb3dXaGFCQkdTOUo3a1dMOFI1dm9Ed3luc1FKQmFyN2FRWmYxQlg5eENySmpoMEp3WUY3L3ZSUTBCaHZ1eXRjSUpjTy9HdEh0NzhCL29BQmtWQzZCZHdBd3lGcTh0V1ZINEdOWFdVak8rTS9TSXZ2a1RRNlRSWTh4ZmdrdkE3MHNOQnFvcHg0MUlDUXNBSDlpaGpGSm1jcnd3Y0VHRTE1bGx2NGdtcm9peDk1VUh3RWVpa1FCNmZ6ZkdHUmFZSm9QNzZzaTZVWHM4MytzbDZNZHQzZHB5TktXdlRnTFp0VFFUWkZKVG5lb1o5NHpsZ04wUlF5ei9GbldSVnU2bkxZS1VqL2RzRGRCd1gvSWpqczBpNzVLN0RXQndjQjRMQzg4TklvYW1EM3oyT1Rlb0s1S2k3SFhiMmxRNUZIS2gyMnREcU5jSzJtKzRmUmxvLytTdTc5a0w1WUp6SXpCNFozUDdvN3huRlpqWVAxeXpNVkt0c1dudVhSSkxZM3RhMmhDVEpyYjRpZElIcGMyak1ZNlA2WGpiNUJjY1p4d0lvNGJDTTJRRm8xbFdTb0x2QTg4ZS9Eclg4NjZyNGdrZ044dURHYmRFejlQenAyWDhXVXBCRitkcUlwdFRTUm55S1hyclBkNDJvTlJUWmFPazliZGtEWDJvWFhFQVJVWlZvWHZoWExxeDFMdSszd2wwbnVZdXJhYjQweDFTOTc5dnQxbUtpY0t2bg%3D%3D
.tapad.com/ Name: TapAd_TS
Value: 1675726600640
.tapad.com/ Name: TapAd_DID
Value: b9191f4c-1961-4034-800f-ecf7096dadc4
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.audrte.com/ Name: arcki2
Value: l5gIb6bT80TQnOcWr-rrDbDlQ!20220908!1675726600661!ip#217.64.151.31
.audrte.com/ Name: arcki2_adform
Value: 2879649147775647626!20220908!1675726600665
.demdex.net/ Name: demdex
Value: 40283158060083617780522779198308669477
.audrte.com/ Name: arcki2_ddp
Value: CAESEK9qTrDBxDkFM5bOOBoRk_k!20220908!1675726600799
.dpm.demdex.net/ Name: dpm
Value: 40283158060083617780522779198308669477
aurorashop.me/ Name: twk_idm_key
Value: Dpkv-VPpQ4y_5ZsvOi5X8
aurorashop.me/ Name: TawkConnectionTime
Value: 0
.aurorashop.me/ Name: twk_uuid_5fe5eb31a8a254155ab648f0
Value: %7B%22uuid%22%3A%221.1vWmQNQF314QqxrrZW04eSQH3dwg3ZpYccVBuQQylKP1yYmlmyEpcuQbFnpeNeZAoOBZ1m9uAzhE7Kci7o6pAmJ4YKZAzUHfPLSYs1H0vE6jZLm1PzbF0he%22%2C%22version%22%3A3%2C%22domain%22%3A%22aurorashop.me%22%2C%22ts%22%3A1675726603304%7D

22 Console Messages

Source Level URL
Text
security error URL: https://aurorashop.me/pub/
Message:
Refused to apply style from 'https://aurorashop.me/static/_cache/merged/d5f69138af790b549fca4246e10834b0.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://aurorashop.me/pub/
Message:
Refused to apply style from 'https://aurorashop.me/static/frontend/Alkemy/custom/sr_Latn_RS/css/styles-l.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://aurorashop.me/static/_cache/merged/71b0d3082b535561aa2ac8f7f1c0a21e.min.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aurorashop.me/static/frontend/Alkemy/custom/sr_Latn_RS/images/logo.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://aurorashop.me/pub/
Message:
Refused to apply style from 'https://aurorashop.me/media/mgs/fbuilder/css/blocks.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://aurorashop.me/pub/
Message:
Refused to apply style from 'https://aurorashop.me/media/mgs/fbuilder/css/1/fbuilder_config.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://aurorashop.me/pub/
Message:
Refused to execute script from 'https://aurorashop.me/static/_cache/merged/71b0d3082b535561aa2ac8f7f1c0a21e.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2879649147775647626
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2879649147775647626/gdpr=/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://aurorashop.me/media/mgs_blog/j/e/jeans_1200x628_1.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aurorashop.me/media/mgs_blog/i/m/images_1200x628_1.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aurorashop.me/media/mgs_blog/g/e/geox_1200x628px_1.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aurorashop.me/media/mgs_blog/p/i/piazza_italia_1200x628_1.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aurorashop.me/media/mgs_blog/h/e/hero-banner-1200x628_1.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aurorashop.me/media/mgs_blog/i/n/innovative-banner-1200x628_1.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2879649147775647626
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://aurorashop.me/media/wysiwyg/slider/Aurora_OVS.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aurorashop.me/media/wysiwyg/slider/Aurora_Coincasa.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aurorashop.me/media/wysiwyg/slider/Aurora_Geox.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://aurorashop.me/pub/
Message:
Refused to apply style from 'https://aurorashop.me/static/frontend/Alkemy/custom/sr_Latn_RS/css/print.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://aurorashop.me/media/wysiwyg/slider/Aurora_Piazza_Italia.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aurorashop.me/media/wysiwyg/slider/Aurora_Samsonite.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
api.adrtx.net
aurorashop.me
beacon.krxd.net
c1.adform.net
cdn.jsdelivr.net
chimpstatic.com
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
d.linker-network.me
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
embed.tawk.to
eu-u.openx.net
fonts.googleapis.com
global.ib-ibi.com
gtag-analytics.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
linker-network.me
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
va.tawk.to
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
aurorashop.me
global.ib-ibi.com
104.111.217.14
104.111.217.42
104.96.160.100
13.248.245.213
139.162.145.200
139.162.147.24
162.19.138.120
172.217.16.194
18.156.0.31
18.184.216.10
18.185.191.100
18.200.218.11
185.142.238.77
185.64.190.80
185.80.39.216
185.86.138.146
185.89.210.212
2.19.32.65
2.23.97.19
2001:4860:4802:34::36
213.136.91.32
2600:9000:223f:3c00:1b:5138:8a40:93a1
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2606:4700:3036::ac43:c962
2606:4700::6810:5714
2a00:1450:4001:811::2008
2a00:1450:400d:802::200a
2a00:1450:400d:80a::200e
2a00:1450:4025:401::9a
2a02:6ea0:cb00::2
3.33.220.150
3.71.169.66
34.250.119.25
35.156.135.89
35.158.48.227
35.190.24.218
35.227.248.159
35.244.159.8
35.244.174.68
37.157.2.248
37.157.3.20
37.157.4.23
37.157.4.28
46.19.11.36
51.222.80.231
52.20.193.33
52.218.30.51
52.57.30.71
52.58.82.235
54.194.53.119
54.73.101.116
54.78.254.47
65.9.66.43
69.173.144.165
77.243.60.138
80.85.85.173
85.114.159.93
87.242.89.90
91.210.226.74
92.123.37.164
000ecd3c2d67facb8ed23ea51fbcef2683310e9b43747ca5b70e90e9952bf395
0639c443fa87c56f36c3614196687ac1c4f2d1bfa340be4a9f9095dbf834bea5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b58b84bc84a1eaff8a559497f1f12bbb34a96cb1b8fada6108d512d759ac053
1273530fcad63cbf654f3f712b7e974dbdecfa30820090e49e58baafb7cc3cd2
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
16226ca0fc6b78b11d8f494ad5a1b4aed03f1884d31e63fd77b7613433fc9c88
1ef363a941f6c12bbc3a322e4ac30a38a1f924428efac2d44f420db5d598195a
25700ed0db39ad8a5ab3f8d24cb5dcee020c6e873e16365757adf8ac9e411a25
299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b602dd0d0fcb5724253a9f550ca8a88c92e03adf93a10995df676ec31390941
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d1d99ac8d74eba3bee6f3826d5e7acf4e8cd3e3d89cd2449d0ba0d80835062
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3785ddf53741ec93044f6ce009b75e08c61f3d97425f2431548b06ed707799dd
3b6bc2546282301b0b2e783098ba96668954090a65014f592172a1a5778aeabe
3ed90e0598a9e2ba01317b20cc8c1fdd420aed9fceac86fd5c2f86a138040604
424c9f33502d2baf132bf7213e3b5fd188539a0351d5370c33ee1a91491e4991
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
48fe773b169c7d35aceca2f8ce8be53d9ab62a69f6a2cf11dccb896c29574b74
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c00f29765eff46ea4bc98a36a3e3f1dc1b7b064af3f0efad4647da618292d27
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d1f170f45d8d0b63f7af2e90a3f46949868553c50686389cab31a3056748537
60f4bb81892f1fdcb30694ce88dcba9a60cf1fedb567aec9aade76bf2f2680b6
66fe1e9b520ac8fb1e26d20219ef4293a55531bec6a0a1487a2ae97dc87710f6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
749aca31b35a33e122ab40784198fbc3fbd382b6679b035146830cec44d34830
778ae0a921a0d5fd4cf2966ae33dae5ac550f563dd86323671ac5391bfe67e55
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e512de8c063410a12ffdd7c34124de2dade5a644ed49bb66213ca3e26dde4b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
933505a903f6a382f5871a3c40d1e32be584ed997835431ec2cccdccc801996c
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe
9ef8e41e16e09eed0a83517d15069fe7a9ed88c3a2c591fb790b20c50bb6f80d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a6b8429f9ba44b320c4acee489b17d479b37401527a6a83746637c99385c3bd9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b69ea3d1ee52be208b4423adb3e91db88995ccaaf9081d96d19f7cd6d12565e9
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcbf04e3de6bfb296b7a18553cfacf235d1877f664716788efb4fcc86575122d
be88ee0d27192155d79954af5710e5724389dd9950b356f3e10b083a2d31e14f
c28810ae59402b0aa787a72980fba02a7b2ffe5beae625d5eddb9e6e0e281908
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5545096f7c7a5c5b9e151ed1127b929098806899b9f910e547f3cbcbbbdcfc7
da3edd648fc579bc07c4b1b1bb3ba1e8258ae308049a311e5966464295eb0e51
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbf1d795232665eceff33610ed6876b9d83db71364782c2d9bbe26a1753ae9
e76be61057b7d805440ba2693d2c357f9a828fa8bda74170b9ac70b58af626d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
f59c8b7d0f32d47eec103dde9d7a3407f173e8b201ac448322ad3ed87d738a44
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867