www.trumetareds.com Open in urlscan Pro
137.184.19.101 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.trumetareds.com/presentation?utm_source=directbuys
Submission: On August 25 via api (August 25th 2023, 9:58:24 am UTC) from US — Scanned from DE

Summary HTTP 125 Redirects Behaviour Indicators

Summary

This website contacted 66 IPs in 9 countries across 55 domains to perform 125 HTTP transactions. The main IP is 137.184.19.101, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.trumetareds.com.
TLS certificate: Issued by R3 on August 6th 2023. Valid for: 3 months.

This is the only time www.trumetareds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	137.184.19.101 137.184.19.101	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	34.230.108.35 34.230.108.35	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:893::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.107.199.247 34.107.199.247	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.23.228 13.32.23.228	16509 (AMAZON-02) (AMAZON-02)
13	23.36.162.78 23.36.162.78	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	143.204.214.212 143.204.214.212	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:3d::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
5	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.196.113.49 18.196.113.49	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.218.208.23 23.218.208.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.58.1.69 52.58.1.69	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	34.254.70.163 34.254.70.163	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	54.78.21.60 54.78.21.60	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.124.28.136 3.124.28.136	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2600:1f18:612... 2600:1f18:612b:4280:58ee:4fb5:9ee3:3b60	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.246.192.162 54.246.192.162	16509 (AMAZON-02) (AMAZON-02)
1	52.58.249.168 52.58.249.168	16509 (AMAZON-02) (AMAZON-02)
1	18.202.14.156 18.202.14.156	16509 (AMAZON-02) (AMAZON-02)
1	3.12.172.147 3.12.172.147	16509 (AMAZON-02) (AMAZON-02)
125	66

3 137.184.19.101 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: trumetareds.com

www.trumetareds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.230.108.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-108-35.compute-1.amazonaws.com

secure.trumetareds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:893::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.199.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com

www.ibph4trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-228.fra56.r.cloudfront.net

d9i5ve8f04qxt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.36.162.78 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-78.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.214.212 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-212.fra53.r.cloudfront.net

d1pqvb2h9xgm7r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:3d::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr2---sn-4g5ednz7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.113.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-113-49.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.1.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-1-69.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.70.163 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-70-163.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.21.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-21-60.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.28.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-28-136.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:58ee:4fb5:9ee3:3b60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.192.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-192-162.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.249.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-249-168.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.14.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-14-156.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.12.172.147 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-172-147.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 3476	1016 KB
13	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 745	146 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3989 gum.criteo.com — Cisco Umbrella Rank: 435 mug.criteo.com — Cisco Umbrella Rank: 2707 sslwidget.criteo.com — Cisco Umbrella Rank: 2079 widget.us.criteo.com — Cisco Umbrella Rank: 24514 dis.criteo.com — Cisco Umbrella Rank: 626	34 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 818	2 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 889	1 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3202 tr.outbrain.com — Cisco Umbrella Rank: 2980 wave.outbrain.com — Cisco Umbrella Rank: 3197 sync.outbrain.com — Cisco Umbrella Rank: 765	8 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 jnn-pa.googleapis.com — Cisco Umbrella Rank: 243	32 KB
5	trumetareds.com www.trumetareds.com secure.trumetareds.com	253 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 secure.adnxs.com — Cisco Umbrella Rank: 465	3 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 93 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	1 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3101 www.google.com — Cisco Umbrella Rank: 2	15 KB
4	cloudfront.net d9i5ve8f04qxt.cloudfront.net d1pqvb2h9xgm7r.cloudfront.net	20 KB
3	gstatic.com fonts.gstatic.com	58 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1623	2 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1259 ups.analytics.yahoo.com — Cisco Umbrella Rank: 325	759 B
2	googlevideo.com rr2---sn-4g5ednz7.googlevideo.com — Cisco Umbrella Rank: 88038
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	239 B
2	google.de www.google.de — Cisco Umbrella Rank: 6490	515 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 602	7 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 839	20 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 84	67 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	137 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	186 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2054	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 648	338 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2060	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2564	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4849	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 30492	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2777	400 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 797	580 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1279	885 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 3261	274 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 688	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 411	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 897	342 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1204	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 391	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2419	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1498	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 681	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 562	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 364	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 660	786 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 352	146 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 108	73 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 241	1 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1553	637 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1073	16 KB
1	ibph4trk.com www.ibph4trk.com — Cisco Umbrella Rank: 362106	19 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1298	8 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1215	48 KB
125	55

	Domain	Requested by
14	www.youtube-nocookie.com	www.trumetareds.com www.youtube-nocookie.com
13	analytics.tiktok.com	www.trumetareds.com analytics.tiktok.com
5	ct.pinterest.com	s.pinimg.com www.trumetareds.com
5	tr.snapchat.com	sc-static.net
5	gum.criteo.com	4 redirects static.criteo.net
4	jnn-pa.googleapis.com	www.youtube-nocookie.com
3	d1pqvb2h9xgm7r.cloudfront.net	d9i5ve8f04qxt.cloudfront.net
3	fonts.gstatic.com	fonts.googleapis.com www.youtube-nocookie.com
3	www.trumetareds.com	www.trumetareds.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	rr2---sn-4g5ednz7.googlevideo.com	www.youtube-nocookie.com
2	www.google.com	www.youtube-nocookie.com www.trumetareds.com
2	www.facebook.com	www.trumetareds.com
2	www.google.de	www.trumetareds.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	tr.outbrain.com	amplify.outbrain.com
2	s.yimg.com	www.trumetareds.com s.yimg.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.youtube.com	www.trumetareds.com www.youtube.com
2	connect.facebook.net	www.trumetareds.com connect.facebook.net
2	www.googletagmanager.com	www.trumetareds.com www.googletagmanager.com
2	secure.trumetareds.com	www.trumetareds.com secure.trumetareds.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	sp.analytics.yahoo.com	www.trumetareds.com
1	widget.us.criteo.com	www.trumetareds.com
1	sslwidget.criteo.com	1 redirects
1	i.ytimg.com	www.youtube-nocookie.com
1	mug.criteo.com	www.trumetareds.com
1	yt3.ggpht.com	www.youtube-nocookie.com
1	alb.reddit.com	www.trumetareds.com
1	wave.outbrain.com	amplify.outbrain.com
1	sc-static.net	www.trumetareds.com
1	d9i5ve8f04qxt.cloudfront.net	www.googletagmanager.com
1	www.ibph4trk.com	www.googletagmanager.com
1	amplify.outbrain.com	www.trumetareds.com
1	dynamic.criteo.com	www.googletagmanager.com
1	static.criteo.net	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	fonts.googleapis.com	www.trumetareds.com
125	70

This site contains no links.

Subject Issuer	Validity	Valid
trumetareds.com R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
secure.trumetareds.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-19` - `2024-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-03` - `2023-09-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
p8btrk.com Starfield Secure Certificate Authority - G2	`2023-02-24` - `2023-12-29`	10 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-08` - `2023-10-17`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.trumetareds.com/presentation?utm_source=directbuys
Frame ID: 7A35099B5CF4BBEED26D03C2616ED7E8
Requests: 65 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: 3810080651245C00C6D246A6AF14CCC2
Requests: 24 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.trumetareds.com&origin=onetag
Frame ID: DD3B2EAC5793F3D33FE45045A4A49810
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=56c88467-d6b4-4dc7-aaa8-7a851e533f20&u_scsid=072b1ba2-6ab9-4643-8788-14871123a6d5&u_sclid=68d7d7ec-cbff-46d6-9319-f458618dc426
Frame ID: 06AA7795074B9930577AE3009B3E35FD
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 24D9AC84A09C9C30B68F78777286034D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RAPALyS237LVF6rR2kjWJ4MYF_aMdhTx4KFxnA&google_gid=CAESEE3kpNJfg0h4daT2ltzpfhI&google_cver=1&google_ula=913071,0
Frame ID: D9204C5D31B83AA94491CEDF3709F276
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trumeta Reds

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

125
Requests

92 %
HTTPS

35 %
IPv6

55
Domains

70
Subdomains

66
IPs

9
Countries

2213 kB
Transfer

6356 kB
Size

54
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://gum.criteo.com/sid/json?origin=onetag&domain=trumetareds.com&sn=ChromeSyncframe&so=0&topUrl=www.trumetareds.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=MHTdR3xXdUR1Z25hZDFRMktWb3QwNDFDWDNVWFROc1lrRGh0NHFwN1NpNDVReDQ4alU0YVRRTjJrTm5jMnNMeFd4QTdGRlBPSHd1SUl0aEtCNTV2ckZ0YkRDcXdxSEpKbkFId3hQV0d5eVdwWUhSRTZkd0lqSit2cHViSDNoeS9PUmFmaTZtdXhEM21hREJpZENPcENWRUdNdlF0R2dCS0kvZGVMUlhpU2JaSHAxVHFRYzVaUjJSd1RqSFltU3I5ek9EZTlBVXhNcm8rWCtHQVl2VWZENkZVRDZqMU9zNzEvdm10djl3WTJvY1FzWktSRy9tTmFVTWlSMlVTQldtWjBveFBIUjhWM0FxWVJ5YTg5N2gyTUM0MGZZQT09fA&cppv=2

Request Chain 78

https://sslwidget.criteo.com/event?a=98171&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=wYyiql9NUUI4NWsyNUJsMmdtOWl0b1JuellQYVVYQ0oyeGg3YWpvelRxWkk0eE4wNyUyRjJ4RzJzTnQwWjVxMU9sUHFRU3U5empENXZJS2RGNkFWeERWbGlRV1ZPWGRVJTJGbm93TnolMkI2MFRvN2tqYmEybkwxdDd0YkZIaEMlMkJ5YjI5RnBpN3FpSDEwZk5YdTM4djY0WjJrOE9GSU9UZyUzRCUzRA&tld=trumetareds.com&fu=https%253A%252F%252Fwww.trumetareds.com%252Fpresentation%253Futm_source%253Ddirectbuys&ceid=ca040326-2000-4876-a7e6-dd6cad2a40bf&dtycbr=34926 HTTP 302
https://widget.us.criteo.com/event?a=98171&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=wYyiql9NUUI4NWsyNUJsMmdtOWl0b1JuellQYVVYQ0oyeGg3YWpvelRxWkk0eE4wNyUyRjJ4RzJzTnQwWjVxMU9sUHFRU3U5empENXZJS2RGNkFWeERWbGlRV1ZPWGRVJTJGbm93TnolMkI2MFRvN2tqYmEybkwxdDd0YkZIaEMlMkJ5YjI5RnBpN3FpSDEwZk5YdTM4djY0WjJrOE9GSU9UZyUzRCUzRA&tld=trumetareds.com&fu=https%253A%252F%252Fwww.trumetareds.com%252Fpresentation%253Futm_source%253Ddirectbuys&ceid=ca040326-2000-4876-a7e6-dd6cad2a40bf&dtycbr=34926

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RAPALyS237LVF6rR2kjWJ4MYF_aMdhTx4KFxnA&google_cm&google_hm=ay1SQVBBTHlTMjM3TFZGNnJSMmtqV0o0TVlGX2FNZGhUeDRLRnhuQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-RAPALyS237LVF6rR2kjWJ4MYF_aMdhTx4KFxnA&google_cm=&google_hm=ay1SQVBBTHlTMjM3TFZGNnJSMmtqV0o0TVlGX2FNZGhUeDRLRnhuQQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RAPALyS237LVF6rR2kjWJ4MYF_aMdhTx4KFxnA&google_gid=CAESEE3kpNJfg0h4daT2ltzpfhI&google_cver=1&google_ula=913071,0

Request Chain 96

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5721557952812789744

Request Chain 97

https://secure.adnxs.com/setuid?entity=52&code=k-APKKpiS237LVF6rR2kjWJ4MYF_Y_OMoep10Z2w HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-APKKpiS237LVF6rR2kjWJ4MYF_Y_OMoep10Z2w

Request Chain 108

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FcmfrCS237LVF6rR2kjWJ4MYF_bKIfMh75OuPQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FcmfrCS237LVF6rR2kjWJ4MYF_bKIfMh75OuPQ&C=1

Request Chain 109

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=8Q9U-PJMKbXelwTj4CQ-c8iOniW7idF1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8Q9U-PJMKbXelwTj4CQ-c8iOniW7idF1

Request Chain 121

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=3qGEk3pWYcxAeA6jmuIzvi4ZPNEpfZQ3

Request Chain 122

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Jr6c0iv1i24K3hR9ZH4Nf2z5SGUM3yTF

125 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request presentation Show response
www.trumetareds.com/ 46 KB
13 KB 559ms
188ms Document
text/html 137.184.19.101
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trumetareds.com/presentation?utm_source=directbuys
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.19.101 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: trumetareds.com
Software: nginx / Express
Resource Hash: b23721862e0d70f7780c2f3c18059e278b24e778188653dc0ba0ac9e5dd63c6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 25 Aug 2023 09:58:18 GMT
ETag: W/"b697-/kDtXvPtWPO5wFxk+Wu241haKpk"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:ital,wght@0,400;0,500;0,600;0,800;1,400;1,600;1,800&display=swap

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2450f22d0c70307e23e75892dfd7eaefe7b730ebb8cbf60cd2b193d92f6d3aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 09:58:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Aug 2023 09:58:18 GMT

GET play-img-d.gif
www.trumetareds.com/img/video/ 0
0

GET
H2 200 UCAffiliateNetworkPixel Show response
secure.trumetareds.com/cgi-bin/ 2 KB
1 KB 498ms
122ms Script
text/javascript 34.230.108.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.trumetareds.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.230.108.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-108-35.compute-1.amazonaws.com

Software

Apache /

Resource Hash

0886638a77a0d59cd8a008e4ba1cf39298e654b9e63808e17628ab0285c1f867

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 852

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 283 KB
94 KB 53ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZ2BHSD

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5eb9c2e22c8f45d1d2aa065843d3b891c95346b1e3758071768e9f17a0eb0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95790
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Aug 2023 09:58:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 173 KB
47 KB 35ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 25 Aug 2023 09:58:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: I+o5XXnjpr7IhroPsnjwm7gkcyJ6xUh28a+c0y5aAthwS4KRwwJf7yVxKVn9Vm+8BhDol5yYyFABP/KK3uhmxA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 JUkykFi26Uw Show response
www.youtube-nocookie.com/embed/ Frame 3810 79 KB
33 KB 96ms
54ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d30a0d2c6300b2a2596f15e46d7039cad10c9fe47ed98353b54af5340b5e54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trumetareds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 09:58:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmDnk0SIEsH4Bi0uvITor+113VdZiHamGsT0EG6UHXgEXROwfKYSeE1NWAqwKRr6CFPJ/xqXmMgs+r58fAMEMQgAAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 71ms
30ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

367d88211b965cbd7d6152e6a2f21966e30ccccd772424070da909b8006880df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 25 Aug 2023 09:58:18 GMT

GET
H/1.1 200
OK play-img-d.gif
www.trumetareds.com/img/video/ 95 KB
95 KB 388ms
196ms Image
image/gif 137.184.19.101
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trumetareds.com/img/video/play-img-d.gif
Requested by: Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.19.101 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: trumetareds.com
Software: nginx / Express
Resource Hash: 4b6d90b7a3fef9a95fd8c96b5c1db4e05737434f219490b78a5b713da535cecf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/presentation?utm_source=directbuys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 09:58:18 GMT
Last-Modified: Mon, 13 Mar 2023 08:24:40 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"17a44-186da1255d5"
Content-Type: image/gif
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96836

GET
H2 200 LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
fonts.gstatic.com/s/plusjakartasans/v8/ 27 KB
27 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/plusjakartasans/v8/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:ital,wght@0,400;0,500;0,600;0,800;1,400;1,600;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.trumetareds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:27:04 GMT
x-content-type-options: nosniff
age: 570674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27444
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 14:14:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 19:27:04 GMT

GET
H/1.1 200
OK lisa-d.png
www.trumetareds.com/img/featured-on/lisa/ 143 KB
143 KB 376ms
190ms Image
image/png 137.184.19.101
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trumetareds.com/img/featured-on/lisa/lisa-d.png
Requested by: Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.19.101 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: trumetareds.com
Software: nginx / Express
Resource Hash: b25f463f6bae3a91032b45883f3c20cff20442065c56a2ff05f82ed8f70ccc31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/presentation?utm_source=directbuys
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 09:58:18 GMT
Last-Modified: Mon, 15 May 2023 13:30:38 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"23a55-1881f9b1884"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146005

GET
H2 200 810524130072458 Show response
connect.facebook.net/signals/config/ 311 KB
89 KB 92ms
91ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/810524130072458?v=2.9.124&r=stable&domain=www.trumetareds.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

884f5aa8091044a9ef0d00ec5f4786a4c547d5401de57878bdb93447e2a501c3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 25 Aug 2023 09:58:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: lKF/NnhTMMR5q0PPLnSxqi3LpUwOVTOBkkP9jf9Wbe8NCp1kvm6bhPZk/8ZzhlHyD6Ze6r+IS0TNfBHL+E9FOg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/c153b631/www-widgetapi.vflset/ 209 KB
65 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c153b631/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de46fb8e26ef2e02cc96f22b8986c1457c92616aeca80a0ce32b16a0faee024d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:53:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65919
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 00:38:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Aug 2024 09:53:38 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 124 KB
48 KB 77ms
29ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NH5X4P6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2BHSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d21759f51c8be2a62aba93e9c0370268cc2c49c3a2645dd0765a80194255a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48989
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Aug 2023 09:58:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2BHSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 25 Aug 2023 09:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 515
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 25 Aug 2023 11:49:43 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 54ms
10ms Script
application/javascript 2a02:26f0:3500:893::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2BHSD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:893::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d045ab0a39895392a25e52ccef01397989534a60195d6b9ae227624f600884f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "6e7ebcfa37884d78352253e11cfcd656"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1474

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 38ms
8ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2BHSD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 97ms
56ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2BHSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14bfa1b53f5beab07b9c1fe255d8430c762f3d96ec928f4d2371e3d352b46f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 Jul 2023 12:38:57 GMT
server: nginx
etag: W/"64c26561-b817"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Aug 2023 09:58:18 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 121ms
88ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=98171

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2BHSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

817ab35ce1466e4049911f41dd08e83ab9d742111c29fa2d5a31a8f9b8056083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 23 KB
7 KB 34ms
10ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5e772fa0cae63acae0163e8c0b0531f20421b58f5dbaf1dc319bc44f2c928929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 09:58:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Aug 2023 10:04:31 GMT
Server: AkamaiNetStorage
ETag: "5815fbf64c9af594c239523fd631e077:1692096294.934174"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7087
Expires: Fri, 25 Aug 2023 10:18:18 GMT

GET
H2 200 everflow.js Show response
www.ibph4trk.com/scripts/sdk/ 60 KB
19 KB 225ms
161ms Script
text/javascript 34.107.199.247
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ibph4trk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2BHSD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 247.199.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e904cfff4529436dbaf7b090e6a1444be7eaa92edbb39db85634bf3fd88fd427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: e27add26-30bc-4334-bfed-437940777a9e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 collect-g.js Show response
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 101 KB
20 KB 43ms
11ms Script
application/x-javascript 13.32.23.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=TRU&channel=secure.trumetareds.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2BHSD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-228.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6acaafd2a133d399889a3be508cd33b8f1d85b88dd1c49a71b772d6bf45c88e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 00:07:56 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 294623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19674
last-modified: Mon, 20 Mar 2023 16:13:16 GMT
server: AmazonS3
etag: "7760760b7bc314cff1c1bf7958832731"
content-type: application/x-javascript; charset=UTF-8
cache-control: max-age=604800,s-maxage=604800
accept-ranges: bytes
x-amz-cf-id: 8AsRUyF2KlOF-JtpSnQhS56TArOS_gRoGBuYFA0SJ4XYZ0eM33TVzg==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 383ms
151ms Script
application/javascript 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF98SGRC77UEUGLDNOR0&lib=ttq
Requested by: Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8cd93d7b112ac87dd65dcc878b542e0597279266049ad02e2c5ab067cb341fac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-akamai-request-id: c3fed736.297c6ff8
date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time: 105,23.36.160.14
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=9, inner; dur=5
content-length: 1928
pragma: no-cache
server: nginx
x-tt-logid: 20230825095818003E455C3197F5A774FC
x-cache-remote: TCP_MISS from a23-220-104-203.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.203
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dc919017b06662280896d5e31ff464c4e90ba893a01a747effae8deb17ab10aeb56a2d8266942ad09163ef1db29f103affc7733f89b5e9d82142a21e6ababb059e33ae627e0e22677517729cbd038843e63f1568921d31255ff55cbc3257c00233
expires: Fri, 25 Aug 2023 09:58:18 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 37 KB
16 KB 104ms
38ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4ed0519e31e5cf9ad389669388a76bdceb7c9323099527f27855fc9acc30215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: gzip
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16352
x-amz-cf-id: 6-Og3VGRAi_hyVyl4w1MlXQwymZYNjQw7aJ32r7skYcVernejgLntA==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 257ms
28ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:57:40 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 709GBFQPMQFHQ6RP
age: 40
x-amz-server-side-encryption: AES256
x-amz-id-2: xM1+v1M/PWrcVJTf+lCuR27f7D6xhWtfQpdegsM2mVSqzeHbcYuVYhKl6FlFvhn5fEiF0G18fEE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
92 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E037P07TQJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2BHSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18d33b39da2f9a3561e948b7d73db43383ee5715b2b085ac82549909bf5461d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93708
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 25 Aug 2023 09:58:18 GMT

GET
H3 200 www-player.css
www.youtube-nocookie.com/s/player/c153b631/ Frame 3810 382 KB
48 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/c153b631/www-player.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51ae3da0fdc534c81803325452272532929587b4a309fe109a1cb94bdc025f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:44:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49307
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 00:38:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Aug 2024 03:44:16 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/c153b631/www-embed-player.vflset/ Frame 3810 318 KB
95 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/c153b631/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca4e68f2b09dd38e6b7b5347bc22aa914b2204a0181a4426cb85342c7579ec6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:44:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97327
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 00:38:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Aug 2024 03:44:16 GMT

GET
H3 200 base.js Show response
www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/ Frame 3810 2 MB
749 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737edb5be25fe538ed86dcb97fecbee18a085b0a37af413de6341b63873b2d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:44:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 766811
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 00:38:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Aug 2024 03:44:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3810 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:35:58 GMT
x-content-type-options: nosniff
age: 523340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 08:35:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3810 15 KB
15 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 17:41:40 GMT
x-content-type-options: nosniff
age: 231398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 17:41:40 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 506ms
96ms Ping
image/gif 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08949164824674243&referrer=&cht=gtm&marketerId=007905fc1ab9827424db090ed9bc76fe13&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.trumetareds.com%2Fpresentation%3Futm_source%3Ddirectbuys&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 09:58:18 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 5216ac10f306c28b9dce57778e3f5b7e
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 406ms
95ms Script
application/javascript 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=007905fc1ab9827424db090ed9bc76fe13
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: br
X-TraceId: 0f02b21e91e85a7bdcba94447c830123
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 007905fc1ab9827424db090ed9bc76fe13 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 197ms
19ms Script
text/html 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/007905fc1ab9827424db090ed9bc76fe13
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 09:58:18 GMT
Content-Encoding: gzip
ob-sent-time: 1692642169129
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 4341541a7a75c2764ec7377a1f21a128
Content-Length: 22
Expires: Fri, 25 Aug 2023 09:59:18 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 284ms
114ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1692957498468&id=t2_6f261cy2&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=cff8e0b1-b32f-413a-ae2e-5f829fcf7ae3&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 172ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E037P07TQJ&gtm=45je38n0&_p=1354048651&_gaz=1&cid=1984909572.1692957499&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692957498&sct=1&seg=0&dl=https%3A%2F%2Fwww.trumetareds.com%2Fpresentation%3Futm_source%3Ddirectbuys&dt=Trumeta%20Reds&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E037P07TQJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trumetareds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 67ms
22ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E037P07TQJ&cid=1984909572.1692957499&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E037P07TQJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trumetareds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 178ms
48ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E037P07TQJ&cid=1984909572.1692957499&gtm=45je38n0&aip=1&z=674224669

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.85b84545.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 11ms
10ms Script
application/javascript 2a02:26f0:3500:893::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.85b84545.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:893::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1aa00cb6c11b0869393daefa90700e47d7e08001d1972a42e85b6dc78c64d835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "5ac911c7d00351e2c4d834e7141ed9df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18158

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 31ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fwww.trumetareds.com%2Fpresentation%3Futm_source%3Ddirectbuys&rl=&if=false&ts=1692957498578&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692957498576.1877640199&it=1692957498373&coo=false&rqm=GET

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 25 Aug 2023 09:58:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 15ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1354048651&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trumetareds.com%2Fpresentation%3Futm_source%3Ddirectbuys&ul=en-us&de=UTF-8&dt=Trumeta%20Reds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABRAAAACAAI~&jid=695731489&gjid=1173536778&cid=1984909572.1692957499&tid=UA-226099588-1&_gid=1744707920.1692957499&_r=1&_slc=1&gtm=45He38n0n81NZ2BHSD&z=232968993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trumetareds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DD3B 15 KB
6 KB 52ms
19ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.trumetareds.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.trumetareds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 09:58:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 297569
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 101ms
32ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 25 Aug 2023 09:58:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3810 67 KB
31 KB 47ms
46ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95432681612af5e8fcf4ebc6e490f9cc025afd25ff2631b3169f03e19c300d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31495
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 3810 61 KB
24 KB 87ms
86ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0dd4f3b140ab5515ed04e5de3fd162674caa0c340246e49205aafaa8bb151e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230822.01.01
X-Goog-Visitor-Id: CgtwUGZUY3pnS3VSZyi69qGnBjIGCgJERRIA

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24510
x-xss-protection: 0
expires: Fri, 25 Aug 2023 09:58:18 GMT

GET
H2 200 6kl8isidqelkPjLu32IEGM2mfapB_vlJxeLVpgibNKM.js Show response
www.google.com/js/th/ Frame 3810 37 KB
15 KB 45ms
12ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/6kl8isidqelkPjLu32IEGM2mfapB_vlJxeLVpgibNKM.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea497c8ac89da9e9643e32eedf620418cda67daa41fef949c5e2d5a6089b34a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 08:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14503
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 08:38:16 GMT

GET
H3 200 embed.js Show response
www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/ Frame 3810 48 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d4b908a415e62c6a658d676940cdd42282cb4f6717ff3f963fa5c39c8c1c7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:44:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15218
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 00:38:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Aug 2024 03:44:16 GMT

GET
H2 200 56c88467-d6b4-4dc7-aaa8-7a851e533f20.js Show response
tr.snapchat.com/config/com/ 172 B
451 B 62ms
19ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/56c88467-d6b4-4dc7-aaa8-7a851e533f20.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

17816adda4ba6d3b725a941fa33bd6276898ddc1466dfb23bb890ce06f787ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.trumetareds.com/
Origin: https://www.trumetareds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.trumetareds.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 06AA 0
201 B 91ms
30ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=56c88467-d6b4-4dc7-aaa8-7a851e533f20&u_scsid=072b1ba2-6ab9-4643-8788-14871123a6d5&u_sclid=68d7d7ec-cbff-46d6-9319-f458618dc426

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.trumetareds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 25 Aug 2023 09:58:18 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
DATA 200
OK truncated
/ Frame 3810 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 W6nvBIzdOYaxAuuNzXhNKdPCKGF1DszqNBj0rtRf4BPnSbHDhL5FNYGR91lWOAVHM-4Otagoxw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 3810 994 B
1 KB 85ms
28ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/W6nvBIzdOYaxAuuNzXhNKdPCKGF1DszqNBj0rtRf4BPnSbHDhL5FNYGR91lWOAVHM-4Otagoxw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1cb0787fb94a140278d5c34b9b3163035afdca88cadc2f888ba076b919c27cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:18 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 994
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 26 Aug 2023 09:58:18 GMT

GET
H2 200 id Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 29 B
371 B 405ms
329ms XHR
text/plain 143.204.214.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.trumetareds.com
Requested by: Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=TRU&channel=secure.trumetareds.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-212.fra53.r.cloudfront.net
Software: /
Resource Hash: 86b4211c04606336dfbe3e876c205e05d436d3419e151bf382b8f89d8b4aa98f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
alt-svc: h3=":443"; ma=86400
content-length: 29
apigw-requestid: KNgxSjQkIAMEMmw=
x-amz-cf-id: 1rK_EoX35d3ER-z5qSoEIlSBO2olsptfaCukin1p7LMiW7NcWJ7s6Q==

GET
H2

200

sid Show response
mug.criteo.com/ Frame DD3B
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=trumetareds.com&sn=ChromeSyncframe&so=0&topUrl=www.trumetareds.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=MHTdR3xXdUR1Z25hZDFRMktWb3QwNDFDWDNVWFROc1lrRGh0NHFwN1NpNDVReDQ4alU0YVRRTjJrTm5jMnNMeFd4QTdGRlBPSHd1SUl0aEtCNTV2ckZ0YkRDcXdxSEpKbkFId3hQV0d5eVdwWUhSRTZkd0lqSit2cHViSD...

425 B
654 B

68ms
19ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=MHTdR3xXdUR1Z25hZDFRMktWb3QwNDFDWDNVWFROc1lrRGh0NHFwN1NpNDVReDQ4alU0YVRRTjJrTm5jMnNMeFd4QTdGRlBPSHd1SUl0aEtCNTV2ckZ0YkRDcXdxSEpKbkFId3hQV0d5eVdwWUhSRTZkd0lqSit2cHViSDNoeS9PUmFmaTZtdXhEM21hREJpZENPcENWRUdNdlF0R2dCS0kvZGVMUlhpU2JaSHAxVHFRYzVaUjJSd1RqSFltU3I5ek9EZTlBVXhNcm8rWCtHQVl2VWZENkZVRDZqMU9zNzEvdm10djl3WTJvY1FzWktSRy9tTmFVTWlSMlVTQldtWjBveFBIUjhWM0FxWVJ5YTg5N2gyTUM0MGZZQT09fA&cppv=2

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2eccc4dedb62621af4840b96799bcc258f32f5912eeac9ac2c164435c4a387be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1377618
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=MHTdR3xXdUR1Z25hZDFRMktWb3QwNDFDWDNVWFROc1lrRGh0NHFwN1NpNDVReDQ4alU0YVRRTjJrTm5jMnNMeFd4QTdGRlBPSHd1SUl0aEtCNTV2ckZ0YkRDcXdxSEpKbkFId3hQV0d5eVdwWUhSRTZkd0lqSit2cHViSDNoeS9PUmFmaTZtdXhEM21hREJpZENPcENWRUdNdlF0R2dCS0kvZGVMUlhpU2JaSHAxVHFRYzVaUjJSd1RqSFltU3I5ek9EZTlBVXhNcm8rWCtHQVl2VWZENkZVRDZqMU9zNzEvdm10djl3WTJvY1FzWktSRy9tTmFVTWlSMlVTQldtWjBveFBIUjhWM0FxWVJ5YTg5N2gyTUM0MGZZQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 223419
content-length: 0
expires: 0

POST
H3 204 qoe Show response
www.youtube-nocookie.com/api/stats/ Frame 3810 0
17 B 21ms
21ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&cpn=H160yxM0BJRtqbsS&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24208765%2C24415864%2C24439361%2C24524098%2C24540582%2C24549485%2C24559327%2C24560416%2C24566687%2C24567652%2C24569557%2C24569886%2C51000316%2C51006352%2C51006489&cl=559586488&seq=1&docid=JUkykFi26Uw&ei=OnvoZNKgLOW_6dsPmaqiuAc&event=streamingstats&plid=AAYDvGJVV0vSyVXM&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2FJUkykFi26Uw%3Fenablejsapi%3D1%26playsinline%3D1%26rel%3D0%26controls%3D0%26showinfo%3D0%26autoplay%3D1%26modestbranding%3D1%26iv_load_policy%3D3&qclc=ChBIMTYweXhNMEJKUnRxYnNTEAE&embargoed=0&cbr=Chrome&cbrver=116.0.5845.110&c=WEB_EMBEDDED_PLAYER&cver=1.20230822.01.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.011:B,0.180:B,0.180:B&cat=streaming&cmt=0.011:0.000,0.180:0.000&vfs=0.180:134:134::r&view=0.180:926:521&bwe=0.180:130000&bat=0.180:1:1&vis=0.180:0&bh=0.180:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version: 1.20230822.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtwUGZUY3pnS3VSZyi69qGnBjIGCgJERRIA
X-YouTube-Ad-Signals: dt=1692957498609&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C926%2C521&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:18 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback
rr2---sn-4g5ednz7.googlevideo.com/ Frame 3810 0
0 120ms
49ms Fetch
application/vnd.yt-ump 2a00:1450:4001:3d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5ednz7.googlevideo.com/videoplayback?expire=1692979098&ei=OnvoZNKgLOW_6dsPmaqiuAc&ip=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A11&id=o-AEgTS98f_QeHEfEblHux7opE6QV9-yvFHuGh5qhoi012&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=gT&mm=31%2C26&mn=sn-4g5ednz7%2Csn-5hne6nsd&ms=au%2Conr&mv=u&mvi=2&pl=59&spc=UWF9f7rWwwq47UXLquzLZcEjWxE-2Fs3TkCGK30SZA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=XJ35GSrFdLSzCj4RRZz03Z4P&gir=yes&clen=89574231&dur=2172.480&lmt=1686905735791712&mt=1692956326&fvip=5&keepalive=yes&fexp=24007246%2C51000024&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=ZSdPEFBsEQ-lXg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOyZ4nUToLNTwEl-oPHa61emQ7e1jlQyrK2DNQ1aS4GMAiEArJZNlpy3sjRbI-Ia5p-LSB5tTdCK0Z9d1QztKhKHJDg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgRIlqWV4o6HIxAsShpeVOR35X7MTlf1S0G5fKISNMqQsCIQC5fgcScK17l6rgeCaGD8zOXnvem1xY-SDyQdy7m1IDtQ%3D%3D&alr=yes&cpn=H160yxM0BJRtqbsS&cver=1.20230822.01.01&range=0-190971&rn=1&rbuf=0&pot=IizF48XgoQu-2YaEsZSQpJ-2nNC1jZbQk7CfmqzV_JKCjYeJjKSGhI-ml7GMog==&ump=1&srfvp=1

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:3d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 09:58:19 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Fri, 16 Jun 2023 08:55:35 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H/1.1 200
OK videoplayback
rr2---sn-4g5ednz7.googlevideo.com/ Frame 3810 0
0 116ms
49ms Fetch
application/vnd.yt-ump 2a00:1450:4001:3d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5ednz7.googlevideo.com/videoplayback?expire=1692979098&ei=OnvoZNKgLOW_6dsPmaqiuAc&ip=2a00%3Ac98%3A2030%3Aa004%3A1%3A%3A11&id=o-AEgTS98f_QeHEfEblHux7opE6QV9-yvFHuGh5qhoi012&itag=251&source=youtube&requiressl=yes&mh=gT&mm=31%2C26&mn=sn-4g5ednz7%2Csn-5hne6nsd&ms=au%2Conr&mv=u&mvi=2&pl=59&spc=UWF9f7rWwwq47UXLquzLZcEjWxE-2Fs3TkCGK30SZA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=XJ35GSrFdLSzCj4RRZz03Z4P&gir=yes&clen=36752430&dur=2172.501&lmt=1686905757212072&mt=1692956326&fvip=5&keepalive=yes&fexp=24007246%2C51000024&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=ZSdPEFBsEQ-lXg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIge_M2DQwNSI-rNWC5h3KfoJw_852WE4zhCuV2sXA_fO4CIQD8IiykMdxo9e1wJ3gV6eNWaLm6PQBUWUpX6xmgaMBZBQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgRIlqWV4o6HIxAsShpeVOR35X7MTlf1S0G5fKISNMqQsCIQC5fgcScK17l6rgeCaGD8zOXnvem1xY-SDyQdy7m1IDtQ%3D%3D&alr=yes&cpn=H160yxM0BJRtqbsS&cver=1.20230822.01.01&range=0-69623&rn=2&rbuf=0&pot=Iiz80_zQmDuH6b-0iKSplKaGpeCMva_gqoCmqpXlxaK7vb65tZS_tLaWroG1kg==&ump=1&srfvp=1

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:3d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 09:58:19 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Fri, 16 Jun 2023 08:55:57 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Fri, 25 Aug 2023 09:58:19 GMT

GET
H3 200 captions.js Show response
www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/ Frame 3810 70 KB
23 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e2a9edf601421af94020d122c9588899c7e5d90adf726d00c29062671ec641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23803
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 00:38:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Aug 2024 03:52:33 GMT

GET
H3 200 endscreen.js Show response
www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/ Frame 3810 33 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce79ed3ef783d005002b40fca02ddcd792356e975621cc6599bea1c0ae402b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8368
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 00:38:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Aug 2024 03:44:47 GMT

POST
H3 200 next Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 3810 7 KB
2 KB 262ms
260ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

f2c5652224213b61fbfe0be8bdddd54a4f7bb10df440059ec979c0925211f2d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230822.01.01
X-Goog-Visitor-Id: CgtwUGZUY3pnS3VSZyi69qGnBjIGCgJERRIA

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2225
x-xss-protection: 0
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 23ms
22ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-226099588-1&cid=1984909572.1692957499&jid=695731489&gjid=1173536778&_gid=1744707920.1692957499&_u=aCDACEAARAAAACAAI~&z=1420908912

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Aug 2023 09:58:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trumetareds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10197519.json Show response
s.yimg.com/wi/config/ 2 B
511 B 407ms
360ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10197519.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 2BCG16T3MWRY3F0S
age: 0
content-length: 22
x-amz-id-2: 2ul9OOiuYZZphzmPsklHNjv0bcnuAAjzASSgveMUzcf3VZY4zJCdo6AdSvpjAWVgDjkVyfHNqFSm7EGiLgQXPHNf/mgAe6J+WeQN1onpFeQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3810 90 B
133 B 24ms
23ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ee6e7f8aa28202508d39d6b425448345b89e0142877dfc31c30b328ded39934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 21ms
21ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 25 Aug 2023 09:58:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/JUkykFi26Uw/ Frame 3810 72 KB
73 KB 53ms
21ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/JUkykFi26Uw/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgVChKMA8=&rs=AOn4CLCVQe9IeVGbZVYoZWYyQ1BI7OCRmw

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c25f2b2be1c0d45b6afc9cf228464fadd871d6ddfe6d9255e4bf46d1ae803e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74159
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Aug 2023 11:58:19 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
812 B 62ms
38ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612813805992&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1692957499054&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.85b84545.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 3
x-pinterest-rid: 9171213459135035
content-length: 385
pin-unauth: dWlkPU0ySTRZekpsT0RBdE0ySmtaUzAwWldaa0xXSXdOekF0TXpnMU1tRXdOalUxWWpWbQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.trumetareds.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 5d1832af3763674a8847e1eb11d824ae575da1f3
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
502 B 62ms
38ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612813805992&cb=1692957499056&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.85b84545.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1263797924174303
content-length: 385
pin-unauth: dWlkPU16WTVabVZrT0dJdE5tWmtPQzAwWmpNeUxXSmxPVGd0TTJZeFlXUmpNR1ExWkdNMQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.trumetareds.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 5d1832af3763674a8847e1eb11d824ae575da1f3
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 47ms
45ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-226099588-1&cid=1984909572.1692957499&jid=695731489&_u=aCDACEAARAAAACAAI~&z=789935740

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-226099588-1&cid=1984909572.1692957499&jid=695731489&_u=aCDACEAARAAAACAAI~&z=789935740

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 embedded_player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 3810 30 KB
18 KB 35ms
35ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

5f437173bde14c061620755a3f99c8bd92e74d7cd043d3017ce91ac3b85ff77a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230822.01.01
X-Goog-Visitor-Id: CgtwUGZUY3pnS3VSZyi69qGnBjIGCgJERRIA

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18574
x-xss-protection: 0
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H2 200 p
tr.snapchat.com/ 68 B
346 B 36ms
36ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://www.trumetareds.com
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
94 B 36ms
36ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612813805992&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.trumetareds.com%2Fpresentation%3Futm_source%3Ddirectbuys%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2285b84545%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1692957499154
Requested by: Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 5d1832af3763674a8847e1eb11d824ae575da1f3
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1539207614528117
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MTE4Nzk5OTU3NQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 414 KB
106 KB 14ms
14ms Script
application/javascript 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF98SGRC77UEUGLDNOR0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 807c12bbb3a0f1bc237131ec254bfdd62370631d2c439354c336de13240d8000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-akamai-request-id: 297c726e
date: Fri, 25 Aug 2023 09:58:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202308241300364887BA05261E3217C8FB
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0138854a0e741d7f10d44b9218e095ed0eff82119d2fc4b6a8824b57abb2215b5317d7599ac74df4ba813cb561b984a21474d8e9ae1dfbffa373e5f503b443ba636f6fb7a8e2ef336d02317b421df1333531337df7dca132c09c77a6ba5ee02bdb
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 107856

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=810524130072458&ev=Microdata&dl=https%3A%2F%2Fwww.trumetareds.com%2Fpresentation%3Futm_source%3Ddirectbuys&rl=&if=false&ts=1692957499164&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Trumeta%20Reds%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692957498576.1877640199&it=1692957498373&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 25 Aug 2023 09:58:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
332 B 38ms
38ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612813805992&cb=1692957499202&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU0ySTRZekpsT0RBdE0ySmtaUzAwWldaa0xXSXdOekF0TXpnMU1tRXdOalUxWWpWbQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.trumetareds.com%2Fpresentation%3Futm_source%3Ddirectbuys%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2285b84545%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 5d1832af3763674a8847e1eb11d824ae575da1f3
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1788562924855077
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 qoe Show response
www.youtube-nocookie.com/api/stats/ Frame 3810 0
17 B 16ms
16ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&afmt=251&cpn=H160yxM0BJRtqbsS&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24208765%2C24415864%2C24439361%2C24524098%2C24540582%2C24549485%2C24559327%2C24560416%2C24566687%2C24567652%2C24569557%2C24569886%2C51000316%2C51006352%2C51006489&cl=559586488&seq=2&docid=JUkykFi26Uw&ei=OnvoZNKgLOW_6dsPmaqiuAc&event=streamingstats&plid=AAYDvGJVV0vSyVXM&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2FJUkykFi26Uw%3Fenablejsapi%3D1%26playsinline%3D1%26rel%3D0%26controls%3D0%26showinfo%3D0%26autoplay%3D1%26modestbranding%3D1%26iv_load_policy%3D3&qclc=ChBIMTYweXhNMEJKUnRxYnNTEAI&embargoed=0&cbr=Chrome&cbrver=116.0.5845.110&c=WEB_EMBEDDED_PLAYER&cver=1.20230822.01.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&afs=0.184:251::i&cat=spkadtrt&cmt=0.211:0.000,0.509:0.000,0.509:0.000&vps=0.211:N,0.509:SU,0.509:SU&ctmp=dompaused:t.212;r.promise;m.NotAllowedError&bat=0.509:1:1&bh=0.509:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version: 1.20230822.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtwUGZUY3pnS3VSZyi69qGnBjIGCgJERRIA
X-YouTube-Ad-Signals: dt=1692957498609&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C926%2C521&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
www.youtube-nocookie.com/ Frame 3810 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?SSLzbA
Requested by: Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 hm
tr.snapchat.com/ 68 B
88 B 23ms
22ms Ping
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/hm

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/json
access-control-allow-origin: https://www.trumetareds.com
cache-control: no-cache, no-transform
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

OPTIONS
H2 200 hm
tr.snapchat.com/ Frame 0
0 21ms
20ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/hm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.trumetareds.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://www.trumetareds.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 25 Aug 2023 09:58:19 GMT
server: API Gateway
via: 1.1 google

GET
H2 200 UCAffiliateNetworkPixel
secure.trumetareds.com/cgi-bin/ 0
376 B 123ms
122ms Stylesheet
text/plain 34.230.108.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.trumetareds.com/cgi-bin/UCAffiliateNetworkPixel?t=0.021949813007618335&r=&u=https%3A%2F%2Fwww.trumetareds.com%2Fpresentation%3Futm_source%3Ddirectbuys
Requested by: Host: secure.trumetareds.com
URL: https://secure.trumetareds.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.230.108.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-108-35.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
content-length: 0
server: Apache

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=98171&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=wYyiql9NUUI4NWsyNUJsMmdtOWl0b1JuellQYVVYQ0oyeGg3YWpvelRxWkk0eE4wN...
https://widget.us.criteo.com/event?a=98171&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=wYyiql9NUUI4NWsyNUJsMmdtOWl0b1JuellQYVVYQ0oyeGg3YWpvelRxWkk0eE4wN...

10 KB
4 KB

304ms
106ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=98171&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=wYyiql9NUUI4NWsyNUJsMmdtOWl0b1JuellQYVVYQ0oyeGg3YWpvelRxWkk0eE4wNyUyRjJ4RzJzTnQwWjVxMU9sUHFRU3U5empENXZJS2RGNkFWeERWbGlRV1ZPWGRVJTJGbm93TnolMkI2MFRvN2tqYmEybkwxdDd0YkZIaEMlMkJ5YjI5RnBpN3FpSDEwZk5YdTM4djY0WjJrOE9GSU9UZyUzRCUzRA&tld=trumetareds.com&fu=https%253A%252F%252Fwww.trumetareds.com%252Fpresentation%253Futm_source%253Ddirectbuys&ceid=ca040326-2000-4876-a7e6-dd6cad2a40bf&dtycbr=34926

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

be092e672895afd1a9ecd6cd60c92b14d5651c8a56f793908d458ad896f72cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 10522716
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=98171&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=wYyiql9NUUI4NWsyNUJsMmdtOWl0b1JuellQYVVYQ0oyeGg3YWpvelRxWkk0eE4wNyUyRjJ4RzJzTnQwWjVxMU9sUHFRU3U5empENXZJS2RGNkFWeERWbGlRV1ZPWGRVJTJGbm93TnolMkI2MFRvN2tqYmEybkwxdDd0YkZIaEMlMkJ5YjI5RnBpN3FpSDEwZk5YdTM4djY0WjJrOE9GSU9UZyUzRCUzRA&tld=trumetareds.com&fu=https%253A%252F%252Fwww.trumetareds.com%252Fpresentation%253Futm_source%253Ddirectbuys&ceid=ca040326-2000-4876-a7e6-dd6cad2a40bf&dtycbr=34926
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9498055
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 identify_7de69.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
30 KB 22ms
21ms Script
application/javascript 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7de69.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-akamai-request-id: 297c7358
date: Fri, 25 Aug 2023 09:58:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023082413000615E0726811E5F428A758
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01fdd0895523204df6c40768a1648a97d92ed199e872d5053a3384376951ba81d417ef744e209070e4fcb71a183dd1da7068db02b5d5e3fc396607fd990c1b83e5b6c6007a9b6ded1ea8b50417f6a064c992d953cd77eee5a36593d95b5c1f3194
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=8
content-length: 30544

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
794 B 375ms
375ms Ping
text/plain 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4020d72d.297c7380
date: Fri, 25 Aug 2023 09:58:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time: 358,23.36.160.14
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=265, inner; dur=261
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230825095819F449CBE285E6F05E44D3
x-cache-remote: TCP_MISS from a23-220-104-205.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 266,23.220.104.205
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dc919017b06662280896d5e31ff464c4e978e979d8ff6503597e99705512a9696dc1c2b7ffa00c9ae18fcdfb20f71ef51d04a25cbb299b487d073dab0deacc5b464f921cd155feb2d1f6542642c64489126475734b86466ea56221de74f82fcc34
access-control-allow-headers: Authorization,*
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
786 B 116ms
115ms Ping
text/plain 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 522714d2.297c7381
date: Fri, 25 Aug 2023 09:58:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time: 96,23.36.160.14
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230825095819DB9E7A7A5FEC0359642C
x-cache-remote: TCP_MISS from a23-220-104-207.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.207
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dc919017b06662280896d5e31ff464c4e97c98af7df515cc2b11cdca4eb1e4b333a10aa4e27e6c391d3ddf3c5b9c928d80ba8071070de3410a34852691aee91247d9367400cda943ab6ac591878f225e23db270280f055195eab06bf11edd6a000
access-control-allow-headers: Authorization,*
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
787 B 115ms
114ms Ping
text/plain 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5225ca84.297c7382
date: Fri, 25 Aug 2023 09:58:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time: 96,23.36.160.14
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=8, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202308250958191674467F8FBC66AC8732
x-cache-remote: TCP_MISS from a23-220-104-207.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.207
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dc919017b06662280896d5e31ff464c4e97c98af7df515cc2b11cdca4eb1e4b33320ac4a889d2f08f3e863244a676270991a98fe8999633f79512a2d0d77bad35ceb587feed0e556f20d8a00adc14fc3d888aee0f7be1fffd775941d398f2853fa
access-control-allow-headers: Authorization,*
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
648 B 131ms
131ms Ping
text/plain 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 297c738c
date: Fri, 25 Aug 2023 09:58:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
server-timing: inner; dur=26, cdn-cache; desc=MISS, edge; dur=5, origin; dur=114
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202308250958196DF4DC361E1CBB5CA6F8
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 114,23.36.160.14
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dccda8276aace9a0e4ec273085969065ce10b65a4998902e5a9325ace7e9435bef41efc916e1799deb6f0c746e4d98f0c259651d976132c67e0c2164f3ab7b112c813c83c837cdc48ab9a230c7855c8363
access-control-allow-headers: Authorization,*
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
790 B 171ms
171ms Ping
text/plain 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 92352368.297c738f
date: Fri, 25 Aug 2023 09:58:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time: 143,23.36.160.14
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=51, inner; dur=47
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230825095819D1C17513D2346567B0A7
x-cache-remote: TCP_MISS from a23-220-104-211.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 51,23.220.104.211
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dc919017b06662280896d5e31ff464c4e97581b205f44ab4a18876f3c470eba17fe95e6c858ec5d085e4ce0130139a87c26f88dbb17db2807dda83e50868706f90147edbd0ee17bc80a461884961fbdfdc1b38d2b31215aac9b7ecd9206b3ca72f
access-control-allow-headers: Authorization,*
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
788 B 117ms
116ms Ping
text/plain 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2941739.297c7393
date: Fri, 25 Aug 2023 09:58:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time: 98,23.36.160.14
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=11, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230825095819445182189F8FCB7087A7
x-cache-remote: TCP_MISS from a23-34-240-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.34.240.148
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dca31796b6fbf5a9aa4a9d560a37a2a432495bc5c51a34fda79b14129f0a01280e97d1cceca44242d81b545ddb17eded967676a224047abe73fa880821dd7272d3bf78f0b05a88b78dc8a88c876fc6c3387237d7cf25c0d92d27a5762aff3679b3
access-control-allow-headers: Authorization,*
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
786 B 124ms
124ms Ping
text/plain 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 87e4a825.297c7394
date: Fri, 25 Aug 2023 09:58:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time: 98,23.36.160.14
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202308250958196057E1A4833D955A736C
x-cache-remote: TCP_MISS from a23-220-104-212.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.212
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dc919017b06662280896d5e31ff464c4e921c4ac2c9d106fcec7b4af02bccd5742adac170b33b0d1e576a209ee7cb97cd1518f406eeee20de2e0611b3aeb62db35b57665a07b8fb3102ae760ba4524ee28b446599b30c0ddcb9531b489f96fb9c8
access-control-allow-headers: Authorization,*
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
649 B 232ms
232ms Ping
text/plain 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 297c7397
date: Fri, 25 Aug 2023 09:58:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
server-timing: inner; dur=36, cdn-cache; desc=MISS, edge; dur=47, origin; dur=169
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230825095819868CA28DC442856204E0
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 170,23.36.160.14
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dccda8276aace9a0e4ec273085969065cedae330f4de4a92024fb4e93c6b54c5ac7410c38f3d3f5f5f431c154a56bda815da960df8863e7fd75c0e7d8bb8459dc857f15145e6736578d6261fea87056149
access-control-allow-headers: Authorization,*
expires: Fri, 25 Aug 2023 09:58:19 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
634 B 118ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2025%20Aug%202023%2009%3A58%3A19%20GMT&n=-2d&b=Trumeta%20Reds&.yp=10197519&f=https%3A%2F%2Fwww.trumetareds.com%2Fpresentation%3Futm_source%3Ddirectbuys&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: www.trumetareds.com
URL: https://www.trumetareds.com/presentation?utm_source=directbuys

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H3 200 rt Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 20 B
308 B 328ms
328ms XHR
application/json 143.204.214.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt

Requested by

Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=TRU&channel=secure.trumetareds.com

Protocol

Security

QUIC, , AES_128_GCM

Server

143.204.214.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-214-212.fra53.r.cloudfront.net

Software

Apache /

Resource Hash

7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
alt-svc: h3=":443"; ma=86400
content-length: 35
apigw-requestid: KNgxXhyuIAMES0w=
x-amz-cf-id: p9-Z-eaSDkrS8csY_6Eeg5HKb0Ey6gEO4FcCw9bEY72wPCLnFV3qcQ==

OPTIONS
H2 204 rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 0
0 17ms
16ms Preflight 143.204.214.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-212.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.trumetareds.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 300
age: 27304
alt-svc: h3=":443"; ma=86400
apigw-requestid: KMeHJjEMoAMEYpA=
date: Fri, 25 Aug 2023 02:23:15 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-id: KuVLNmH_cI_IpDRQCylFNKXYtD7zblnkV_rECQxG4z0psx8-Qs5Wbg==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
788 B 119ms
119ms Ping
text/plain 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 294170d.297c73a1
date: Fri, 25 Aug 2023 09:58:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time: 101,23.36.160.14
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=7, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023082509581970FC2C2166F4F061842F
x-cache-remote: TCP_MISS from a23-34-240-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.34.240.148
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dca31796b6fbf5a9aa4a9d560a37a2a432495bc5c51a34fda79b14129f0a01280e277b5a0ac6d49a7bf1ff11b806028f6f77df77156ef94afb188ab87e9e5920842383b9884b3ab9509c3351f2fb742a6bcdad425622b4e48be66d74f2801f73e4
access-control-allow-headers: Authorization,*
expires: Fri, 25 Aug 2023 09:58:19 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
790 B 135ms
135ms Ping
text/plain 23.36.162.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-78.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trumetareds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 80510bbb.297c74a5
date: Fri, 25 Aug 2023 09:58:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-14.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time: 115,23.36.160.14
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=20, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230825095819B22DD25A66D38157C377
x-cache-remote: TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.220.104.204
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dc919017b06662280896d5e31ff464c4e991f68a40bc5cd2396256d2f73d7c15c790586fc468e9bc9e2f1253ded77fc3784a9dbe69fb64f98d72df4239d68402f8fa51418bbbaf25e956a9080a59e74cd44ccfae99faa8aa81d1b9062d4e3bf848
access-control-allow-headers: Authorization,*
expires: Fri, 25 Aug 2023 09:58:19 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 24D9 565 B
401 B 34ms
33ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.85b84545.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.trumetareds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 25 Aug 2023 09:58:19 GMT
pinterest-version: 5d1832af3763674a8847e1eb11d824ae575da1f3
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1898203487206513

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D920
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RAPALyS237LVF6rR2kjWJ4MYF_aMdhTx4KFxnA&google_cm&google_hm=ay1SQVBBTHlTMjM3TFZGNnJSMmtqV0o0TVlGX2FNZGhUe...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-RAPALyS237LVF6rR2kjWJ4MYF_aMdhTx4KFxnA&google_cm=&google_hm=ay1SQVBBTHlTMjM3TFZGNnJSMmtqV0o0TVlGX2FNZGh...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RAPALyS237LVF6rR2kjWJ4MYF_aMdhTx4KFxnA&google_gid=CAESEE3kpNJfg0h4daT2ltzpfhI&google_cver=1&google_ula=913071,0

43 B
369 B

24ms
23ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RAPALyS237LVF6rR2kjWJ4MYF_aMdhTx4KFxnA&google_gid=CAESEE3kpNJfg0h4daT2ltzpfhI&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 485568
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RAPALyS237LVF6rR2kjWJ4MYF_aMdhTx4KFxnA&google_gid=CAESEE3kpNJfg0h4daT2ltzpfhI&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame D920 43 B
146 B 45ms
10ms Image
image/gif 18.196.113.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ki1SyyS237LVF6rR2kjWJ4MYF_YKql4CatmMKA&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.113.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-113-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D920
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5721557952812789744

43 B
370 B

64ms
20ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5721557952812789744

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 980145
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
an-x-request-uuid: 755406db-3879-4412-ab14-8388b3818690
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5721557952812789744
x-proxy-origin: 37.58.58.247; 37.58.58.247; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame D920
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-APKKpiS237LVF6rR2kjWJ4MYF_Y_OMoep10Z2w
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-APKKpiS237LVF6rR2kjWJ4MYF_Y_OMoep10Z2w

43 B
907 B

14ms
14ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-APKKpiS237LVF6rR2kjWJ4MYF_Y_OMoep10Z2w

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
an-x-request-uuid: d51c041e-0a1b-4de4-bef6-44954b4a1359
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.247; 37.58.58.247; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
an-x-request-uuid: aa30791f-7296-472e-a26a-393b01fc358f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-APKKpiS237LVF6rR2kjWJ4MYF_Y_OMoep10Z2w
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.247; 37.58.58.247; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame D920 53 B
786 B 89ms
48ms Image
image/gif 23.218.208.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-FBNe7SS237LVF6rR2kjWJ4MYF_bZ3wnmA4R-uw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 25 Aug 2023 09:58:19 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 25 Aug 2023 09:58:19 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame D920 0
239 B 69ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-yAC6wyS237LVF6rR2kjWJ4MYF_Z19Xz1oFJSbg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame D920 0
35 B 50ms
10ms Image
text/plain 52.58.1.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-GcM2jiS237LVF6rR2kjWJ4MYF_aDWuqp9O2h8A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.1.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-1-69.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame D920 43 B
163 B 82ms
22ms Image
image/gif 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-zcqytSS237LVF6rR2kjWJ4MYF_aM84w2byM6Dw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D920 0
99 B 70ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-OrKo_yS237LVF6rR2kjWJ4MYF_aOs5lpugVoLw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14461

GET
H2 200 um
criteo-sync.teads.tv/ Frame D920 23 B
163 B 80ms
40ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-w09GWyS237LVF6rR2kjWJ4MYF_byCkD2S-aS5w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Fri, 25 Aug 2023 09:58:19 GMT
pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame D920 37 B
140 B 39ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-CVDFKSS237LVF6rR2kjWJ4MYF_Zz0WVAQnHI2g&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame D920 0
125 B 66ms
12ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-iQ6_ACS237LVF6rR2kjWJ4MYF_ZXLI--oFvy-Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame D920 43 B
163 B 104ms
28ms Image
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-iLws6CS237LVF6rR2kjWJ4MYF_Zfqs0M2X9EMQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:21 GMT
last-modified: Fri, 18 Nov 2022 14:39:11 GMT
server: nginx
accept-ranges: bytes
etag: "6377990f-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame D920 49 B
342 B 86ms
29ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-pLwzXCS237LVF6rR2kjWJ4MYF_Y7SMOQVFqOeQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:19 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 7
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame D920
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FcmfrCS237LVF6rR2kjWJ4MYF_bKIfMh75OuPQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FcmfrCS237LVF6rR2kjWJ4MYF_bKIfMh75OuPQ&C=1

43 B
766 B

11ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FcmfrCS237LVF6rR2kjWJ4MYF_bKIfMh75OuPQ&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 09:58:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 09:58:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-FcmfrCS237LVF6rR2kjWJ4MYF_bKIfMh75OuPQ&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame D920
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=8Q9U-PJMKbXelwTj4CQ-c8iOniW7idF1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8Q9U-PJMKbXelwTj4CQ-c8iOniW7idF1

42 B
942 B

35ms
34ms

Image
image/gif

34.254.70.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8Q9U-PJMKbXelwTj4CQ-c8iOniW7idF1

Protocol

HTTP/1.1

Server

34.254.70.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-70-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-03003eed0.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: njiIusNaQ2A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-02e2ff31f.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 8ERli1xhQro=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8Q9U-PJMKbXelwTj4CQ-c8iOniW7idF1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame D920 43 B
1 KB 59ms
19ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-aMmu7iS237LVF6rR2kjWJ4MYF_ZIGqfSHkfzgA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 25 Aug 2023 09:58:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame D920 43 B
199 B 137ms
36ms Image
image/gif 54.78.21.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-q84skSS237LVF6rR2kjWJ4MYF_YtkO5Xo4f8vA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.78.21.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-21-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 25 Aug 2023 09:58:19 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame D920 42 B
274 B 68ms
26ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-2zmdzCS237LVF6rR2kjWJ4MYF_ZqwcTwcg73Ag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame D920 0
885 B 50ms
14ms Image
text/html 3.124.28.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-rChFviS237LVF6rR2kjWJ4MYF_YmInQ9jUgAMw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.28.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-28-136.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame D920 0
145 B 349ms
88ms Image
text/plain 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-MiNp7iS237LVF6rR2kjWJ4MYF_YplZ56pYPi-w&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 09:58:20 GMT
Cache-Control: no-cache
X-TraceId: bae6dd0a33b3ef611b3d8d2edd9d860a
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame D920 42 B
580 B 68ms
15ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-1QScHiS237LVF6rR2kjWJ4MYF_afOAA0lrWjGQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 25 Aug 2023 09:58:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame D920 43 B
400 B 335ms
105ms Image
image/gif 2600:1f18:612b:4280:58ee:4fb5:9ee3:3b60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-QpKlOyS237LVF6rR2kjWJ4MYF_aiNdXXg8nrIQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:58ee:4fb5:9ee3:3b60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 25 Aug 2023 09:58:20 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame D920 43 B
153 B 69ms
22ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-J1ehCyS237LVF6rR2kjWJ4MYF_bGVA3CeS-H_g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 25 Aug 2023 09:58:19 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame D920 0
400 B 61ms
29ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-XLCWCSS237LVF6rR2kjWJ4MYF_bQtd4_g0jlTw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 09:58:19 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Thu, 24 Aug 2023 09:58:19 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame D920 0
38 B 135ms
37ms Image
text/plain 54.246.192.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-Byo_LCS237LVF6rR2kjWJ4MYF_ZDAyMNmVUipg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.192.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-192-162.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame D920 0
44 B 43ms
9ms Image
text/plain 52.58.249.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-E79C5yS237LVF6rR2kjWJ4MYF_Yuv4rEItZNdA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.249.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-249-168.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 09:58:19 GMT
server: awselb/2.0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D920
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=3qGEk3pWYcxAeA6jmuIzvi4ZPNEpfZQ3

0
338 B

125ms
34ms

Image
text/plain

18.202.14.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=3qGEk3pWYcxAeA6jmuIzvi4ZPNEpfZQ3
Protocol: H2
Server: 18.202.14.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-14-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: beacon-n009-dub-prod.krxd.net
date: Fri, 25 Aug 2023 09:58:20 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1692957500
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=3qGEk3pWYcxAeA6jmuIzvi4ZPNEpfZQ3
date: Fri, 25 Aug 2023 09:58:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1139276
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame D920
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Jr6c0iv1i24K3hR9ZH4Nf2z5SGUM3yTF

35 B
268 B

364ms
116ms

Image
image/gif

3.12.172.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Jr6c0iv1i24K3hR9ZH4Nf2z5SGUM3yTF
Protocol: H2
Server: 3.12.172.147 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-172-147.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:20 GMT
x-bt-requestid: ebd0c0e1-432d-11ee-89a0-0000ac170286
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Jr6c0iv1i24K3hR9ZH4Nf2z5SGUM3yTF
date: Fri, 25 Aug 2023 09:58:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 710649
content-length: 0

POST
H3 200 log_event Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 3810 28 B
54 B 28ms
28ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/c153b631/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
X-Goog-Request-Time: 1692957501392
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/JUkykFi26Uw?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version: 1.20230822.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtwUGZUY3pnS3VSZyi69qGnBjIGCgJERRIA
X-YouTube-Ad-Signals: dt=1692957498609&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C926%2C521&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 25 Aug 2023 09:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 25 Aug 2023 09:58:21 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 28ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E037P07TQJ&gtm=45je38n0&_p=1354048651&cid=1984909572.1692957499&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1692957498&sct=1&seg=0&dl=https%3A%2F%2Fwww.trumetareds.com%2Fpresentation%3Futm_source%3Ddirectbuys&dt=Trumeta%20Reds&en=scroll&epn.percent_scrolled=90&_et=15
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E037P07TQJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trumetareds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 09:58:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trumetareds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.trumetareds.com
URL: https://www.trumetareds.com/img/video/play-img-d.gif

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 14:17:23	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: nVlmTf7WjNg
.youtube.com/	1970-01-20 18:35:09	Name: VISITOR_INFO1_LIVE Value: 8SqWlYjn2Iw
.trumetareds.com/	1970-01-20 16:25:33	Name: _gcl_au Value: 1.1.230193086.1692957498
.trumetareds.com/	1970-01-20 16:25:33	Name: _rdt_uuid Value: 1692957498467.cff8e0b1-b32f-413a-ae2e-5f829fcf7ae3
.trumetareds.com/	1970-01-20 23:51:57	Name: _ga_E037P07TQJ Value: GS1.1.1692957498.1.0.1692957498.60.0.0
.trumetareds.com/	1970-01-20 16:25:33	Name: _fbp Value: fb.1.1692957498576.1877640199
.trumetareds.com/	1970-01-20 23:51:57	Name: _ga Value: GA1.2.1984909572.1692957499
.trumetareds.com/	1970-01-20 14:17:23	Name: _gid Value: GA1.2.1744707920.1692957499
.trumetareds.com/	1970-01-20 14:15:57	Name: _gat_UA-226099588-1 Value: 1
.trumetareds.com/	1970-01-20 23:45:44	Name: _scid Value: 0e89b825-d915-47f2-bfd4-a339677b43ed
.trumetareds.com/	1970-01-20 23:45:44	Name: _scid_r Value: 0e89b825-d915-47f2-bfd4-a339677b43ed
.criteo.com/	1970-01-20 23:37:33	Name: uid Value: 00a06581-aaa8-4c74-9e54-8d938b1956d2
.tiktok.com/	1970-01-20 23:37:33	Name: _ttp Value: 2UTJB7ynwFhfg0JwTiT8lYviP3j
.trumetareds.com/	1970-01-20 23:01:33	Name: _pin_unauth Value: dWlkPU0ySTRZekpsT0RBdE0ySmtaUzAwWldaa0xXSXdOekF0TXpnMU1tRXdOalUxWWpWbQ
.snapchat.com/	1970-01-20 23:37:33	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIfA70xgEiUzC8LeDOYy7vLRUwSoIbcl2r0jJo2T2Ni3pA9vinK5+YMgAAAA==
www.trumetareds.com/	1970-01-20 14:15:57	Name: outbrain_cid_fetch Value: true
.ct.pinterest.com/	1970-01-20 23:01:33	Name: _pinterest_ct_ua Value: "TWc9PSZPUm54bzIwS3V2NCtaZmtoZ3RkbjVURGthOE5mZE4vYllsa0hQSjl5ckE0YzFFT3RQY1hqdXliVUJVa3NFQ2lOcXBrVWFZTjJ2RXRxZzlpNGN5RE5WTnl4K0FKbHpzdDN5T1RwNE5qbGNDaz0mVXVjTEIxQWZKMFowKzdMRnBLanlLOTc1TVcwPQ=="
.trumetareds.com/	1970-01-20 23:01:33	Name: ucacid Value: 603747752.652972
.trumetareds.com/	1970-01-20 23:45:21	Name: cto_bundle Value: wYyiql9NUUI4NWsyNUJsMmdtOWl0b1JuellQYVVYQ0oyeGg3YWpvelRxWkk0eE4wNyUyRjJ4RzJzTnQwWjVxMU9sUHFRU3U5empENXZJS2RGNkFWeERWbGlRV1ZPWGRVJTJGbm93TnolMkI2MFRvN2tqYmEybkwxdDd0YkZIaEMlMkJ5YjI5RnBpN3FpSDEwZk5YdTM4djY0WjJrOE9GSU9UZyUzRCUzRA
.trumetareds.com/	1970-01-20 23:37:33	Name: _tt_enable_cookie Value: 1
.trumetareds.com/	1970-01-20 23:37:33	Name: _ttp Value: qQok9rZW44D8gjtbGkvtZ77aDQh
secure.trumetareds.com/	1970-01-20 14:26:02	Name: AWSALB Value: 2tqLabAz2qJchxYdiYFoByTlXBGpo+FDZKZMWRBda4G9um3+am3PvVeAcmLYV1d3t09Lo7+0NVl24kBJjF7Cd4Fnn4937YsBcqY98SDnj5KgFkLH74ZChgA5Y6b/
secure.trumetareds.com/	1970-01-20 14:26:02	Name: AWSALBCORS Value: 2tqLabAz2qJchxYdiYFoByTlXBGpo+FDZKZMWRBda4G9um3+am3PvVeAcmLYV1d3t09Lo7+0NVl24kBJjF7Cd4Fnn4937YsBcqY98SDnj5KgFkLH74ZChgA5Y6b/
.yahoo.com/	1970-01-20 23:01:55	Name: A3 Value: d=AQABBDt76GQCEAEchzs-twLUz1U0DbByUwIFEgEBAQHM6WTyZOANyiMA_eMAAA&S=AQAAAhpWpX9_pR4Q4OSnMRvM5XU
.adnxs.com/	1970-01-20 16:25:33	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2In?h2Id.!]tbPl@/D!9hy6]/CwgWcy_MH4^Fj%lfGAo]A51@7#O.3e(L-w7z5!T5fAchhqlO3B``@<P!20ubpRzqF1`*bc]7+^]76
.adnxs.com/	1970-01-20 16:25:33	Name: uuid2 Value: 5721557952812789744
.media.net/	1970-01-20 23:01:33	Name: visitor-id Value: 3359590997317576000V10
.media.net/	1970-01-20 14:59:09	Name: data-c-ts Value: 1692957499
.media.net/	1970-01-20 14:59:09	Name: data-c Value: k-FBNe7SS237LVF6rR2kjWJ4MYF_bZ3wnmA4R-uw~~3
.casalemedia.com/	1970-01-20 23:01:33	Name: CMID Value: ZOh7OwXaHVgrmWGmoqf-0gAA
.casalemedia.com/	1970-01-20 16:25:33	Name: CMPS Value: 2130
.casalemedia.com/	1970-01-20 16:25:33	Name: CMPRO Value: 2130
.doubleclick.net/	1970-01-20 23:37:33	Name: IDE Value: AHWqTUlBbnMnmUn99q5bzk8D-Tid4gwGPlCZ7ReEQ1YdwMZj_MvHmn6kR2lLOUUsMA4
exchange.mediavine.com/	1970-01-20 14:36:07	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22eb7bc310-432d-11ee-b0fb-bbf6772c3047%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:36:07	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22eb7bc310-432d-11ee-b0fb-bbf6772c3047%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:36:07	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22eb7bc310-432d-11ee-b0fb-bbf6772c3047%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:36:07	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22eb7bc310-432d-11ee-b0fb-bbf6772c3047%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:36:07	Name: criteo Value: %7B%22id%22%3A%22k-rChFviS237LVF6rR2kjWJ4MYF_YmInQ9jUgAMw%22%2C%22version%22%3A%22criteo%22%7D
.id5-sync.com/	1970-01-20 14:15:57	Name: cf Value:
.id5-sync.com/	1970-01-20 14:15:57	Name: cip Value:
.id5-sync.com/	1970-01-20 14:15:57	Name: cnac Value:
.id5-sync.com/	1970-01-20 14:15:57	Name: car Value:
.id5-sync.com/	1970-01-20 14:15:57	Name: gdpr Value:
.id5-sync.com/	1970-01-20 14:15:57	Name: callback Value:
.omnitagjs.com/	1970-01-20 14:59:09	Name: ayl_visitor Value: 9e6d72ea4bba953305f0dc9d72991083
.demdex.net/	1970-01-20 18:35:09	Name: demdex Value: 38178282835377719424112719354478011775
.pubmatic.com/	1970-01-20 14:59:09	Name: KRTBCOOKIE_97 Value: 3385-uid:k-1QScHiS237LVF6rR2kjWJ4MYF_afOAA0lrWjGQ&KRTB&23144-uid:k-1QScHiS237LVF6rR2kjWJ4MYF_afOAA0lrWjGQ&KRTB&23286-uid:k-1QScHiS237LVF6rR2kjWJ4MYF_afOAA0lrWjGQ&KRTB&23287-uid:k-1QScHiS237LVF6rR2kjWJ4MYF_afOAA0lrWjGQ
.pubmatic.com/	1970-01-20 14:59:09	Name: PugT Value: 1692957499
.dpm.demdex.net/	1970-01-20 18:35:09	Name: dpm Value: 38178282835377719424112719354478011775
www.trumetareds.com/	1969-12-31 23:59:59	Name: /presentation:watchVideoTime:JUkykFi26Uw Value: 0
.krxd.net/	1970-01-20 18:35:09	Name: _kuid_ Value: PwYskEPA
.tremorhub.com/	1970-01-20 23:01:54	Name: tvid Value: 327c8214bf38493ab18839099e037a4e
.tremorhub.com/	1970-01-20 14:59:09	Name: tv_UICR Value: k-QpKlOyS237LVF6rR2kjWJ4MYF_aiNdXXg8nrIQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
alb.reddit.com
amplify.outbrain.com
analytics.tiktok.com
beacon.krxd.net
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
jnn-pa.googleapis.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rr2---sn-4g5ednz7.googlevideo.com
rtb-csync.smartadserver.com
s.pinimg.com
s.thebrighttag.com
s.yimg.com
sc-static.net
secure.adnxs.com
secure.trumetareds.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tr.outbrain.com
tr.snapchat.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.ibph4trk.com
www.redditstatic.com
www.trumetareds.com
www.youtube-nocookie.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
www.trumetareds.com
13.32.23.228
137.184.19.101
141.226.228.48
142.250.184.226
143.204.207.250
143.204.214.212
151.101.1.140
151.101.64.84
162.19.138.117
178.250.1.9
178.250.7.11
178.250.7.13
18.196.113.49
18.202.14.156
185.255.84.152
185.80.39.216
185.86.138.150
185.89.210.20
198.47.127.205
2.16.97.41
2001:4860:4802:34::36
212.82.100.181
23.218.208.23
23.35.237.75
23.35.237.86
23.36.162.78
2600:1f18:612b:4280:58ee:4fb5:9ee3:3b60
2a00:1288:80:807::1
2a00:1450:4001:3d::7
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:827::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82b::2016
2a00:1450:400c:c0c::9b
2a02:2638:3::c
2a02:2638:3::e
2a02:2638:d::2
2a02:26f0:3500:893::1931
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::396
3.12.172.147
3.124.28.136
3.75.62.37
34.107.199.247
34.117.157.22
34.230.108.35
34.254.70.163
35.190.43.134
37.157.6.254
37.252.171.52
52.58.1.69
52.58.249.168
54.246.192.162
54.78.21.60
64.202.112.159
69.173.144.138
74.119.119.150
76.223.111.18
85.215.5.31
0886638a77a0d59cd8a008e4ba1cf39298e654b9e63808e17628ab0285c1f867
0dd4f3b140ab5515ed04e5de3fd162674caa0c340246e49205aafaa8bb151e67
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
14bfa1b53f5beab07b9c1fe255d8430c762f3d96ec928f4d2371e3d352b46f7d
159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434
16e2a9edf601421af94020d122c9588899c7e5d90adf726d00c29062671ec641
17816adda4ba6d3b725a941fa33bd6276898ddc1466dfb23bb890ce06f787ae4
18c25f2b2be1c0d45b6afc9cf228464fadd871d6ddfe6d9255e4bf46d1ae803e
18d33b39da2f9a3561e948b7d73db43383ee5715b2b085ac82549909bf5461d1
1aa00cb6c11b0869393daefa90700e47d7e08001d1972a42e85b6dc78c64d835
1cb0787fb94a140278d5c34b9b3163035afdca88cadc2f888ba076b919c27cbb
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d4b908a415e62c6a658d676940cdd42282cb4f6717ff3f963fa5c39c8c1c7f5
2450f22d0c70307e23e75892dfd7eaefe7b730ebb8cbf60cd2b193d92f6d3aa9
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b
2eccc4dedb62621af4840b96799bcc258f32f5912eeac9ac2c164435c4a387be
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
367d88211b965cbd7d6152e6a2f21966e30ccccd772424070da909b8006880df
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3d30a0d2c6300b2a2596f15e46d7039cad10c9fe47ed98353b54af5340b5e54c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6d90b7a3fef9a95fd8c96b5c1db4e05737434f219490b78a5b713da535cecf
4d21759f51c8be2a62aba93e9c0370268cc2c49c3a2645dd0765a80194255a36
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed0519e31e5cf9ad389669388a76bdceb7c9323099527f27855fc9acc30215f
51ae3da0fdc534c81803325452272532929587b4a309fe109a1cb94bdc025f38
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e772fa0cae63acae0163e8c0b0531f20421b58f5dbaf1dc319bc44f2c928929
5f437173bde14c061620755a3f99c8bd92e74d7cd043d3017ce91ac3b85ff77a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
737edb5be25fe538ed86dcb97fecbee18a085b0a37af413de6341b63873b2d16
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
7ee6e7f8aa28202508d39d6b425448345b89e0142877dfc31c30b328ded39934
807c12bbb3a0f1bc237131ec254bfdd62370631d2c439354c336de13240d8000
817ab35ce1466e4049911f41dd08e83ab9d742111c29fa2d5a31a8f9b8056083
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b4211c04606336dfbe3e876c205e05d436d3419e151bf382b8f89d8b4aa98f
884f5aa8091044a9ef0d00ec5f4786a4c547d5401de57878bdb93447e2a501c3
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd93d7b112ac87dd65dcc878b542e0597279266049ad02e2c5ab067cb341fac
95432681612af5e8fcf4ebc6e490f9cc025afd25ff2631b3169f03e19c300d97
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5eb9c2e22c8f45d1d2aa065843d3b891c95346b1e3758071768e9f17a0eb0d3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23721862e0d70f7780c2f3c18059e278b24e778188653dc0ba0ac9e5dd63c6a
b25f463f6bae3a91032b45883f3c20cff20442065c56a2ff05f82ed8f70ccc31
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b6acaafd2a133d399889a3be508cd33b8f1d85b88dd1c49a71b772d6bf45c88e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be092e672895afd1a9ecd6cd60c92b14d5651c8a56f793908d458ad896f72cac
ca4e68f2b09dd38e6b7b5347bc22aa914b2204a0181a4426cb85342c7579ec6d
ce79ed3ef783d005002b40fca02ddcd792356e975621cc6599bea1c0ae402b01
d045ab0a39895392a25e52ccef01397989534a60195d6b9ae227624f600884f9
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de46fb8e26ef2e02cc96f22b8986c1457c92616aeca80a0ce32b16a0faee024d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e904cfff4529436dbaf7b090e6a1444be7eaa92edbb39db85634bf3fd88fd427
ea497c8ac89da9e9643e32eedf620418cda67daa41fef949c5e2d5a6089b34a3
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c5652224213b61fbfe0be8bdddd54a4f7bb10df440059ec979c0925211f2d1
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

www.trumetareds.com Open in urlscan Pro 137.184.19.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

92 %HTTPS

35 %IPv6

55 Domains

70 Subdomains

66 IPs

9 Countries

2213 kBTransfer

6356 kBSize

54 Cookies

0 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.trumetareds.com Open in urlscan Pro
137.184.19.101 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

92 %
HTTPS

35 %
IPv6

55
Domains

70
Subdomains

66
IPs

9
Countries

2213 kB
Transfer

6356 kB
Size

54
Cookies

125 HTTP transactions
1 data transactions