urlscan.io logo urlscan.io
SecurityTrails logo

sonichits.com Open in urlscan Pro
2606:4700:20::681a:22c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sonichits.com/
Effective URL: https://sonichits.com/
Submission: On February 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 137 IPs in 19 countries across 120 domains to perform 452 HTTP transactions. The main IP is 2606:4700:20::681a:22c, located in United States and belongs to CLOUDFLARENET, US. The main domain is sonichits.com. The Cisco Umbrella rank of the primary domain is 359028.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 5th 2021. Valid for: a year.
This is the only time sonichits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 11 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... ()
4 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.194 15169 (GOOGLE)
1 18.66.139.46 16509 (AMAZON-02)
2 2a04:4e42:400... 54113 (FASTLY)
4 3.210.11.204 14618 (AMAZON-AES)
1 2600:9000:231... 16509 (AMAZON-02)
8 2.21.141.175 16625 (AKAMAI-AS)
2 151.101.193.194 54113 (FASTLY)
1 108.157.4.42 16509 (AMAZON-02)
1 18.66.112.41 16509 (AMAZON-02)
1 52.84.90.11 16509 (AMAZON-02)
2 3 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
10 52.72.173.84 14618 (AMAZON-AES)
10 52.17.153.244 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 20 185.220.204.204 41436 (CLOUDWEBM...)
9 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
6 150.136.26.45 31898 (ORACLE-BM...)
5 10 37.252.172.249 29990 (ASN-APPNEX)
1 213.19.147.42 26120 (RHYTHMONE)
2 34.149.20.76 15169 (GOOGLE)
1 35.158.25.241 16509 (AMAZON-02)
1 4 46.249.52.248 50673 (SERVERIUS-AS)
2 2.21.111.28 16625 (AKAMAI-AS)
2 162.210.196.208 30633 (LEASEWEB-...)
7 51.75.86.98 16276 (OVH)
1 178.162.133.150 60781 (LEASEWEB-...)
1 2 147.75.38.124 54825 (PACKET)
3 35.244.159.8 15169 (GOOGLE)
4 52.222.210.175 16509 (AMAZON-02)
3 3 185.94.180.126 35220 (SPOTX-AMS)
1 2a0c:5c81:509... 55081 (24SHELLS)
6 212.115.110.216 204548 (CLOUDWEBM...)
7 10 35.156.100.230 16509 (AMAZON-02)
2 2 23.88.75.189 24940 (HETZNER-AS)
5 16 2.18.234.21 16625 (AKAMAI-AS)
3 7 76.223.111.18 16509 (AMAZON-02)
1 52.222.214.42 16509 (AMAZON-02)
5 8.39.36.141 26667 (RUBICONPR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 37.157.5.142 198622 (ADFORM)
1 204.237.133.116 62713 (AS-PUBMATIC)
1 2.21.142.210 16625 (AKAMAI-AS)
1 185.86.138.122 201081 (SMARTADSE...)
3 185.64.190.78 62713 (AS-PUBMATIC)
1 12 37.157.4.24 198622 (ADFORM)
2 151.101.129.108 54113 (FASTLY)
10 37.252.172.123 29990 (ASN-APPNEX)
2 18.197.251.199 16509 (AMAZON-02)
10 62.149.0.72 15497 (COLOCALL ...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 37.157.3.29 198622 (ADFORM)
2 185.93.1.242 60068 (CDN77 ^_^)
3 2600:9000:224... ()
6 37.157.2.248 198622 (ADFORM)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2600:9000:231... 16509 (AMAZON-02)
1 1 66.155.71.25 13768 (COGECO-PEER1)
4 5.178.65.246 50673 (SERVERIUS-AS)
2 35.186.253.211 15169 (GOOGLE)
5 11 3.212.173.197 14618 (AMAZON-AES)
4 5.178.65.252 50673 (SERVERIUS-AS)
2 5 168.119.146.39 24940 (HETZNER-AS)
4 4 23.37.42.132 16625 (AKAMAI-AS)
8 104.117.200.100 16625 (AKAMAI-AS)
2 205.234.175.175 23352 (SERVERCEN...)
25 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13 35.157.38.3 16509 (AMAZON-02)
1 54.167.5.236 14618 (AMAZON-AES)
8 12 52.223.40.198 16509 (AMAZON-02)
10 15 142.250.184.194 15169 (GOOGLE)
2 4 52.46.154.242 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 1 52.22.106.223 14618 (AMAZON-AES)
3 12 52.19.22.209 16509 (AMAZON-02)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 5 35.227.248.159 15169 (GOOGLE)
3 5 37.157.6.251 198622 (ADFORM)
1 2 2a04:4e42::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
3 4 34.255.158.76 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.106 24961 (MYLOC-AS ...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.168.101.220 16509 (AMAZON-02)
3 54.76.155.32 16509 (AMAZON-02)
4 5 151.101.130.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 34.199.204.104 14618 (AMAZON-AES)
1 2 52.95.126.160 16509 (AMAZON-02)
2 104.111.215.191 16625 (AKAMAI-AS)
3 3 18.203.74.39 16509 (AMAZON-02)
1 1 62.209.227.211 13036 (TMOBILE-)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 178.250.0.163 44788 (ASN-CRITE...)
2 18.66.97.88 16509 (AMAZON-02)
2 51.158.28.82 12876 (Online SAS)
4 4 185.29.132.241 30419 (MEDIAMATH...)
1 51.75.146.200 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 185.33.221.217 29990 (ASN-APPNEX)
2 2 72.251.244.142 29791 (VOXEL-DOT...)
1 4 188.132.147.235 42910 (PREMIERDC...)
1 199.232.198.2 54113 (FASTLY)
1 213.19.162.80 26667 (RUBICONPR...)
4 3.127.178.105 16509 (AMAZON-02)
2 2 87.98.228.78 16276 (OVH)
3 67.202.105.21 32748 (STEADFAST)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.98.64.218 15169 (GOOGLE)
1 104.17.120.107 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
1 152.199.22.191 15133 (EDGECAST)
1 1 8.2.111.137 46636 (NATCOWEB)
1 178.162.133.149 60781 (LEASEWEB-...)
2 2 216.52.2.39 30282 (AS-INAPCD...)
1 1 146.0.227.109 29066 (VELIANET-...)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
2 3 18.156.0.31 16509 (AMAZON-02)
1 34.192.55.191 14618 (AMAZON-AES)
1 1 185.183.112.155 60350 (VP)
1 199.115.117.82 30633 (LEASEWEB-...)
1 104.16.190.66 13335 (CLOUDFLAR...)
6 8 213.19.147.45 26120 (RHYTHMONE)
6 129.159.70.95 31898 (ORACLE-BM...)
2 4 52.22.84.205 14618 (AMAZON-AES)
5 6 52.31.13.93 16509 (AMAZON-02)
13 185.64.189.110 62713 (AS-PUBMATIC)
2 2 54.73.168.5 16509 (AMAZON-02)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 38.27.122.126 174 (COGENT-174)
1 1 34.102.163.6 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 70.42.32.31 13789 (INTERNAP-...)
2 2 213.155.156.182 1299 (TWELVE99 ...)
7 104.36.113.17 62713 (AS-PUBMATIC)
1 1 54.144.85.208 14618 (AMAZON-AES)
1 199.187.193.193 47043 (SMARTADSE...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 72.251.241.206 29791 (VOXEL-DOT...)
1 151.101.65.44 54113 (FASTLY)
2 198.47.127.20 62713 (AS-PUBMATIC)
2 2 51.222.80.231 16276 (OVH)
1 169.50.137.182 36351 (SOFTLAYER)
2 2 34.245.154.233 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 2 66.155.71.149 13768 (COGECO-PEER1)
1 1 34.102.253.54 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 69.173.151.100 26667 (RUBICONPR...)
1 185.64.190.81 ()
1 1 2620:112:f006... ()
452 137
11    2606:4700:20::681a:22c (United States)

ASN13335 (CLOUDFLARENET, US)
sonichits.com
1    2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
4    2600:9000:223d:f600:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
product.instiengage.com
auth.instiengage.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:224a:1c00:1c:386f:ec80:21 (United States)

ASN- ()
d3lcz8vpax4lo2.cloudfront.net
4    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
1    18.66.139.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-46.fra60.r.cloudfront.net
cdn.clickfuse.com
2    2a04:4e42:400::591 (United States)

ASN54113 (FASTLY, US)
lastfm.freetls.fastly.net
4    3.210.11.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-11-204.compute-1.amazonaws.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
1    2600:9000:2315:5800:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
8    2.21.141.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-175.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    108.157.4.42 (United States)

ASN16509 (AMAZON-02, US)
get.s-onetag.com
1    18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    52.84.90.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-90-11.lhr62.r.cloudfront.net
signal-beacon.s-onetag.com
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    52.72.173.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-173-84.compute-1.amazonaws.com
eua.instiengage.com
event.instiengage.com
geoip.instiengage.com
cms.instiengage.com
10    52.17.153.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
srv.tunefindforfans.com
5    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
20    185.220.204.204 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
9    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2606:4700:10::6816:1b7 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
6    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
insticator.technoratimedia.com
sync.technoratimedia.com
10    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
2    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    35.158.25.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
4    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
2    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    162.210.196.208 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
7    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
insticator-d.openx.net
u.openx.net
us-u.openx.net
4    52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
6    212.115.110.216 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
10    35.156.100.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-100-230.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
16    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
js-sec.indexww.com
7    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    52.222.214.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-42.fra56.r.cloudfront.net
sync.intentiq.com
5    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
5    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
2    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    204.237.133.116 (Philadelphia, United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2.21.142.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
12    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
10    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
2    18.197.251.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-251-199.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
10    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    185.93.1.242 (United States)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-463.bunnyinfra.net
cdn.admatic.com.tr
3    2600:9000:224a:1c00:f:4f64:8940:93a1 (United States)

ASN- ()
js.adscale.de
6    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
4    2600:9000:2315:c200:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
4    5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
11    3.212.173.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-173-197.compute-1.amazonaws.com
a.audrte.com
4    5.178.65.252 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
5    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
4    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
25    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
13    35.157.38.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    54.167.5.236 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-5-236.compute-1.amazonaws.com
b2c.instiengage.com
12    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
15    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
4    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    52.22.106.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-106-223.compute-1.amazonaws.com
sync.extend.tv
12    52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
2    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
5    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
5    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
dmp.adform.net
c1.adform.net
2    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:c5b2:6467:3d71:6a2f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    34.255.158.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-158-76.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.106 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.168.101.220 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-101-220.eu-west-2.compute.amazonaws.com
aa.agkn.com
3    54.76.155.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
beacon.krxd.net
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    34.199.204.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-204-104.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
3    18.203.74.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-74-39.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    62.209.227.211 (Prague, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com
bbnaut.ibillboard.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net
tags.crwdcntrl.net
2    51.158.28.82 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-82.rev.poneytelecom.eu
js.cookieless-data.com
4    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    51.75.146.200 (France)

ASN16276 (OVH, FR)
PTR: p11.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    185.33.221.217 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 885.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
adscale-emea.adnxs.com
2    72.251.244.142 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-03.ams2.m6r.eu
tracking.m6r.eu
4    188.132.147.235 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-235-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
1    199.232.198.2 (United States)

ASN54113 (FASTLY, US)
media1.giphy.com
1    213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
4    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    87.98.228.78 (Spain)

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu
green.erne.co
3    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
pixel.33across.com
1    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
1    8.2.111.137 (United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
3    2a05:d018:d29:3605:ccb:acde:da2f:31fc (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    34.192.55.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-55-191.compute-1.amazonaws.com
rtb.adentifi.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    199.115.117.82 (Aldie, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
8    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
6    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
uat-net.technoratimedia.com
4    52.22.84.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-84-205.compute-1.amazonaws.com
sync.bfmio.com
6    52.31.13.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
13    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    54.73.168.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-168-5.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    213.155.156.182 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
7    104.36.113.17 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    54.144.85.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-85-208.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    2606:4700:3039::6815:c08f (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    34.245.154.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-154-233.eu-west-1.compute.amazonaws.com
ads.avct.cloud
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
1    2620:112:f006:bbbb::16 (None, )

ASN- ()
d.turn.com
Apex Domain
Subdomains		 Transfer
35 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image6.pubmatic.com — Cisco Umbrella Rank: 595
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image2.pubmatic.com — Cisco Umbrella Rank: 1032
image4.pubmatic.com — Cisco Umbrella Rank: 848
simage4.pubmatic.com
124 KB
26 adform.net
adx.adform.net — Cisco Umbrella Rank: 4833
track.adform.net — Cisco Umbrella Rank: 3933
cm.adform.net — Cisco Umbrella Rank: 1786
s1.adform.net — Cisco Umbrella Rank: 7975
dmp.adform.net — Cisco Umbrella Rank: 2434
c1.adform.net — Cisco Umbrella Rank: 608
177 KB
26 primis.tech
live.primis.tech — Cisco Umbrella Rank: 3190
video.primis.tech — Cisco Umbrella Rank: 6710
523 KB
25 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
8 KB
24 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
cdn.adnxs.com — Cisco Umbrella Rank: 1377
fra1-ib.adnxs.com — Cisco Umbrella Rank: 8024
adscale-emea.adnxs.com — Cisco Umbrella Rank: 19094
acdn.adnxs.com — Cisco Umbrella Rank: 565
97 KB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
149 KB
20 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 689
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2741
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135
45 KB
19 instiengage.com
product.instiengage.com — Cisco Umbrella Rank: 23472
auth.instiengage.com — Cisco Umbrella Rank: 20249
eua.instiengage.com — Cisco Umbrella Rank: 24255
event.instiengage.com — Cisco Umbrella Rank: 26117
geoip.instiengage.com — Cisco Umbrella Rank: 28230
static.instiengage.com — Cisco Umbrella Rank: 23206
b2c.instiengage.com — Cisco Umbrella Rank: 35631
cms.instiengage.com — Cisco Umbrella Rank: 35153
136 KB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7427
ih.adscale.de — Cisco Umbrella Rank: 3772
17 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 461
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
ssum.casalemedia.com — Cisco Umbrella Rank: 1337
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
16 KB
14 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
tags.crwdcntrl.net — Cisco Umbrella Rank: 2221
id.crwdcntrl.net — Cisco Umbrella Rank: 1894
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
29 KB
14 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3752
u-ams02.e-planning.net — Cisco Umbrella Rank: 59486
s.e-planning.net — Cisco Umbrella Rank: 6371
i.e-planning.net — Cisco Umbrella Rank: 6375
sync.e-planning.net — Cisco Umbrella Rank: 5261
7 KB
13 technoratimedia.com
insticator.technoratimedia.com — Cisco Umbrella Rank: 18190
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 4037
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
uat-net.technoratimedia.com — Cisco Umbrella Rank: 2111
10 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
5 KB
11 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3719
10 KB
11 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 6241
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 6623
5 KB
11 sonichits.com
sonichits.com — Cisco Umbrella Rank: 359028
187 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
4 KB
10 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1565
44 KB
10 tunefindforfans.com
srv.tunefindforfans.com — Cisco Umbrella Rank: 44170
52 KB
9 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 15093
2 KB
9 gstatic.com
fonts.gstatic.com
391 KB
7 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1023
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
5 KB
7 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
3 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
4 KB
7 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1334
sync.1rx.io — Cisco Umbrella Rank: 528
3 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 418
326 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
dis.criteo.com — Cisco Umbrella Rank: 691
2 KB
7 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438
www.google.com — Cisco Umbrella Rank: 13
84 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524 Failed
2 KB
6 admatic.com.tr
cdn.admatic.com.tr — Cisco Umbrella Rank: 9839
ads3.admatic.com.tr — Cisco Umbrella Rank: 10680
ads4.admatic.com.tr — Cisco Umbrella Rank: 20051
22 KB
6 openx.net
insticator-d.openx.net — Cisco Umbrella Rank: 16453
u.openx.net — Cisco Umbrella Rank: 710
rtb.openx.net — Cisco Umbrella Rank: 1548
us-u.openx.net — Cisco Umbrella Rank: 359
1 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
38 KB
5 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1240
sync.mathtag.com — Cisco Umbrella Rank: 421
3 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
1 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
2 KB
5 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2070
1 KB
5 youtube.com
img.youtube.com — Cisco Umbrella Rank: 3447
78 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1648
ssc-cms.33across.com — Cisco Umbrella Rank: 877
pixel.33across.com — Cisco Umbrella Rank: 2343
475 B
4 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1279
1 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 916
3 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
13 KB
4 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 408
usermatch.krxd.net — Cisco Umbrella Rank: 1214
1 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
3 KB
4 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 21086
b2c.insticator.com — Cisco Umbrella Rank: 17129
event.insticator.com — Cisco Umbrella Rank: 16336
3 KB
4 fastly.net
lastfm.freetls.fastly.net — Cisco Umbrella Rank: 69683
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1580
177 KB
3 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 193308
640 B
3 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 570
match.taboola.com — Cisco Umbrella Rank: 2469
733 B
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3536
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
815 B
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
2 KB
3 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 14043
sync.aralego.com — Cisco Umbrella Rank: 2178
910 B
3 google.de
www.google.de — Cisco Umbrella Rank: 5557
627 B
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3723
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4374
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4566
17 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
83 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
d.turn.com
929 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3163
894 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
883 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 808
s.tribalfusion.com — Cisco Umbrella Rank: 2305
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5889
637 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
885 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
653 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
930 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
1 KB
2 erne.co
green.erne.co — Cisco Umbrella Rank: 11838
501 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
3 KB
2 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 12770
1 KB
2 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 5866
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 466
529 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27256
673 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1197
792 B
2 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2733
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3523
290 B
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 424
952 B
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 934
85 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 698
721 B
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1904
690 B
2 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1505
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578
718 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1175
451 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1204
599 B
2 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1699
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
1 KB
2 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
110 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4285
465 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2987
534 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
612 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1634
408 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1809
877 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6346
279 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
659 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
301 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 273
601 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 546
706 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2371
250 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1587
112 B
1 districtm.io
cdn.districtm.io — Cisco Umbrella Rank: 2067
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1611
307 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1228
88 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2627
585 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 2333
528 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2763
1 KB
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 3699
1 KB
1 giphy.com
media1.giphy.com — Cisco Umbrella Rank: 2315
350 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
17 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 812
326 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
531 B
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 20532
550 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 442
378 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20022
335 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 143344
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7892
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11738
411 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1830
546 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
576 B
1 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1542
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1799
157 B
1 clickfuse.com
cdn.clickfuse.com — Cisco Umbrella Rank: 317595
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109
29 KB
0 survata.com Failed
px.surveywall-api.survata.com Failed
0 ib-ibi.com Failed
global.ib-ibi.com Failed
452 120
Domain Requested by
20 live.primis.tech 1 redirects srv.tunefindforfans.com
live.primis.tech
sonichits.com
15 mwzeom.zeotap.com spl.zeotap.com
ads.us.e-planning.net
15 cm.g.doubleclick.net 10 redirects ssum.casalemedia.com
spl.zeotap.com
eb2.3lift.com
bcp.crwdcntrl.net
13 simage2.pubmatic.com ad-cdn.technoratimedia.com
ads.pubmatic.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
12 match.adsrvr.org 8 redirects ssum.casalemedia.com
srv.tunefindforfans.com
eb2.3lift.com
bcp.crwdcntrl.net
12 track.adform.net 1 redirects sonichits.com
s1.adform.net
11 a.audrte.com 5 redirects ads.us.e-planning.net
a.audrte.com
sync.e-planning.net
11 sonichits.com 3 redirects sonichits.com
srv.tunefindforfans.com
10 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
df80k0z3fi8zg.cloudfront.net
sync.e-planning.net
ads.pubmatic.com
10 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
ads.us.e-planning.net
10 fra1-ib.adnxs.com sonichits.com
cdn.adnxs.com
10 x.bidswitch.net 7 redirects sonichits.com
ssum-sec.casalemedia.com
eb2.3lift.com
10 srv.tunefindforfans.com sonichits.com
srv.tunefindforfans.com
9 ex.ingage.tech srv.tunefindforfans.com
df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
sync.e-planning.net
9 fonts.gstatic.com fonts.googleapis.com
8 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
sync.e-planning.net
ad-cdn.technoratimedia.com
ex.ingage.tech
8 ads.pubmatic.com d3lcz8vpax4lo2.cloudfront.net
live.primis.tech
s.console.adtarget.com.tr
ads.us.e-planning.net
sync.e-planning.net
ad-cdn.technoratimedia.com
ads.pubmatic.com
7 image2.pubmatic.com ads.pubmatic.com
7 eb2.3lift.com 3 redirects ad-cdn.technoratimedia.com
eb2.3lift.com
7 onetag-sys.com srv.tunefindforfans.com
ads.us.e-planning.net
df80k0z3fi8zg.cloudfront.net
sync.e-planning.net
ad-cdn.technoratimedia.com
6 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
6 uat-net.technoratimedia.com ad-cdn.technoratimedia.com
6 sync.1rx.io 5 redirects ad-cdn.technoratimedia.com
6 match.prod.bidr.io ad-cdn.technoratimedia.com
6 event.instiengage.com product.instiengage.com
6 s1.adform.net sonichits.com
6 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
df80k0z3fi8zg.cloudfront.net
6 video.primis.tech sonichits.com
6 ib.adnxs.com 2 redirects srv.tunefindforfans.com
spl.zeotap.com
acdn.adnxs.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
sonichits.com
srv.tunefindforfans.com
5 sync-tm.everesttech.net 4 redirects ssum-sec.casalemedia.com
5 pixel.tapad.com 4 redirects spl.zeotap.com
5 bcp.crwdcntrl.net 2 redirects ssum.casalemedia.com
tags.crwdcntrl.net
5 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
5 sync.richaudience.com 2 redirects ads.us.e-planning.net
spl.zeotap.com
sync.e-planning.net
5 img.youtube.com sonichits.com
5 fonts.googleapis.com sonichits.com
live.primis.tech
client
4 sync.bfmio.com 2 redirects ad-cdn.technoratimedia.com
4 sync.technoratimedia.com ad-cdn.technoratimedia.com
eb2.3lift.com
4 ps.eyeota.net sonichits.com
4 token.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
4 pagead2.googlesyndication.com srcdoc
sonichits.com
imasdk.googleapis.com
4 sync.mathtag.com 4 redirects
4 dpm.demdex.net 3 redirects ssum-sec.casalemedia.com
4 s.amazon-adsystem.com 2 redirects ssum.casalemedia.com
eb2.3lift.com
4 secure-assets.rubiconproject.com 4 redirects
4 s.e-planning.net ads.us.e-planning.net
sync.e-planning.net
4 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
4 static.instiengage.com sonichits.com
4 secure.adnxs.com 3 redirects ssum-sec.casalemedia.com
4 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
4 fundingchoicesmessages.google.com sonichits.com
3 ups.analytics.yahoo.com 2 redirects ssum-sec.casalemedia.com
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
3 ads3.admatic.com.tr cdn.admatic.com.tr
3 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 3 redirects
3 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
bcp.crwdcntrl.net
3 dmp.adform.net 2 redirects spl.zeotap.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 sync.search.spotxchange.com 3 redirects
3 ads.us.e-planning.net 1 redirects sonichits.com
s.console.adtarget.com.tr
3 www.google.de sonichits.com
3 www.google.com sonichits.com
3 stats.g.doubleclick.net www.google-analytics.com
srv.tunefindforfans.com
3 gum.criteo.com 2 redirects
3 securepubads.g.doubleclick.net sonichits.com
securepubads.g.doubleclick.net
2 pixel-us-east.rubiconproject.com
2 connect.facebook.net sonichits.com
connect.facebook.net
2 pixel-sync.sitescout.com 1 redirects bcp.crwdcntrl.net
2 ads.avct.cloud 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.targeting.unrulymedia.com 1 redirects ads.pubmatic.com
2 ap.lijit.com 2 redirects
2 ssc-cms.33across.com df80k0z3fi8zg.cloudfront.net
2 green.erne.co 2 redirects
2 js-sec.indexww.com live.primis.tech
df80k0z3fi8zg.cloudfront.net
2 tracking.m6r.eu 2 redirects
2 js.cookieless-data.com s.e-planning.net
2 tags.crwdcntrl.net s.e-planning.net
2 dis.criteo.com 2 redirects
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 tags.bluekai.com spl.zeotap.com
bcp.crwdcntrl.net
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 idsync.frontend.weborama.fr 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 trc.taboola.com 1 redirects spl.zeotap.com
2 pixel.quantserve.com 2 redirects
2 event.insticator.com srv.tunefindforfans.com
2 i.e-planning.net ads.us.e-planning.net
sync.e-planning.net
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 rtb.openx.net ads.us.e-planning.net
sync.e-planning.net
2 use.fontawesome.com client
use.fontawesome.com
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 creativecdn.com 2 redirects
2 protected-by.clarium.io sonichits.com
2 cdn.adnxs.com sonichits.com
2 adx.adform.net live.primis.tech
2 csync.loopme.me 2 redirects
2 u.openx.net live.primis.tech
df80k0z3fi8zg.cloudfront.net
2 prebid.a-mo.net 1 redirects srv.tunefindforfans.com
2 hb.aralego.com srv.tunefindforfans.com
2 htlb.casalemedia.com srv.tunefindforfans.com
live.primis.tech
2 ssc.33across.com srv.tunefindforfans.com
2 insticator.technoratimedia.com srv.tunefindforfans.com
2 eua.instiengage.com auth.instiengage.com
2 mug.criteo.com sonichits.com
2 auth.instiengage.com d3lcz8vpax4lo2.cloudfront.net
auth.instiengage.com
2 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
2 lastfm.freetls.fastly.net sonichits.com
2 product.instiengage.com sonichits.com
d3lcz8vpax4lo2.cloudfront.net
1 d.turn.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 www.facebook.com srv.tunefindforfans.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 match.bnmla.com ad-cdn.technoratimedia.com
1 pixel.33across.com ad-cdn.technoratimedia.com
1 cdn.districtm.io ad-cdn.technoratimedia.com
1 us-u.openx.net ad-cdn.technoratimedia.com
1 sync.aralego.com cdn.aralego.net
1 sync.adotmob.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 inv-nets.admixer.net 1 redirects
1 sync.go.sonobi.com
1 cs.admanmedia.com 1 redirects
1 ad-cdn.technoratimedia.com df80k0z3fi8zg.cloudfront.net
1 acdn.adnxs.com df80k0z3fi8zg.cloudfront.net
1 biddr.brealtime.com df80k0z3fi8zg.cloudfront.net
1 cdn.aralego.net df80k0z3fi8zg.cloudfront.net
1 sync.e-planning.net df80k0z3fi8zg.cloudfront.net
1 ads4.admatic.com.tr 1 redirects
1 pixel-eu.rubiconproject.com sonichits.com
1 media1.giphy.com sonichits.com
1 adscale-emea.adnxs.com 1 redirects
1 cms.instiengage.com product.instiengage.com
1 s0.2mdn.net imasdk.googleapis.com
1 id.crwdcntrl.net srv.tunefindforfans.com
1 api.rlcdn.com srv.tunefindforfans.com
1 id5-sync.com srv.tunefindforfans.com
1 bbnaut.ibillboard.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 dsum.casalemedia.com ssum.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 sync.extend.tv 1 redirects
1 b2c.instiengage.com product.instiengage.com
1 pixel.sitescout.com 1 redirects
1 geoip.instiengage.com product.instiengage.com
1 cm.adform.net s.console.adtarget.com.tr
1 prg.smartadserver.com live.primis.tech
1 ads.stickyadstv.com live.primis.tech
1 hbopenbid.pubmatic.com live.primis.tech
1 pixel.rubiconproject.com sonichits.com
1 sync.intentiq.com sonichits.com
1 s.console.adtarget.com.tr live.primis.tech
1 insticator-d.openx.net srv.tunefindforfans.com
1 apex.go.sonobi.com srv.tunefindforfans.com
1 hb.emxdgt.com srv.tunefindforfans.com
1 tag.1rx.io srv.tunefindforfans.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 get.s-onetag.com d3lcz8vpax4lo2.cloudfront.net
1 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
1 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 cdn.clickfuse.com sonichits.com
1 d3lcz8vpax4lo2.cloudfront.net sonichits.com
1 www.googletagmanager.com sonichits.com
1 i.ytimg.com sonichits.com
0 px.surveywall-api.survata.com Failed bcp.crwdcntrl.net
0 global.ib-ibi.com Failed bcp.crwdcntrl.net
452 200

This site contains links to these domains. Also see Links.

Domain
www.lyricfind.com
www.facebook.com
www.twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-05 -
2022-09-04		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2021-05-28 -
2022-05-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.clickfuse.com
Amazon		 2021-12-09 -
2023-01-07		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
srv.tunefindforfans.com
Amazon		 2021-09-29 -
2022-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2021-07-15 -
2022-07-18		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.a-mo.net
R3		 2021-12-28 -
2022-03-28		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-01-28 -
2022-04-28		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
sync.console.adtarget.com.tr
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2022-01-06 -
2022-04-06		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
ads4.admatic.com.tr
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.giphy.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-03 -
2022-06-04		 a year crt.sh
*.eyeota.net
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-10 -
2022-02-08		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 87 frames:

Primary Page: https://sonichits.com/
Frame ID: B954E961ACFFC8D59BADEE4DF053A2DE
Requests: 103 HTTP requests in this frame

Frame: https://sonichits.com/tf.php?a=The%20Weeknd&t=Sacrifice
Frame ID: 329B0F0284FF2DE57064B7DF6A39909C
Requests: 4 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 88325289A5C37E2A987845FA91EC4811
Requests: 1 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: A017065CCCBFF1BD21842A1D9AEB6220
Requests: 3 HTTP requests in this frame

Frame: https://sonichits.com/tf.php?s=1&a=The%20Weeknd&t=Sacrifice
Frame ID: 5008909F40D0679B8EC9EC65BB345AA8
Requests: 4 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727&x=640&y=440&cbuster=1643687649&pubUrlAuto=https%3A%2F%2Fsonichits.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 20B486AD7D01C91680C4B917A1BC4173
Requests: 31 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 8D5CB5C82537CD4651E9460D44F60A15
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 9E907CCD1D505A5B4B89D99A82E4566F
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=94&advUuid=9c6082f0-8312-11ec-9c89-1cf699440206
Frame ID: 0D2506943C0C946099B423F370781D1A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: E49A880059D5F7716F375BEF462E0EB7
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: F55AE637170E329C9A88FC65CB319383
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=49825729;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.055721-zlE_H8cYZA_I4ZkaX4ME2KHoaHGPnIfP0;rtbr=5168442275194918913_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fsonichits.com%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=KOxY41NIkNlomp5GGAndOPMZAIDXExHvyUKOq5kIlKyd8D-z15plohpfsBESq1xGuqk7ELp8gbUL0UPvjGbRNDZ7gjLd0z6313zn-Dxf3LGg0R25zdmY8B1y2YUQ31okvvboOZ-j9oAJ5qBnS7G0RUvOK6dv0wsoYJgtcTbkkg5VvUeGEyAG0hUCzFW9muloaEWw94jnZC56l5ZoyNiS8kHhIpkoas3H0;rtbtest=0
Frame ID: 0999BA60BA69ACE56530EB904B050E4A
Requests: 16 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=49927110;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.055721-zlE_H8cYZA_I4ZkaX4ME2KHoaHGPnIfP0;rtbr=2046596850595093403_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fsonichits.com%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=KOxY41NIkNlomp5GGAndOPMZAIDXExHv2PnDwKHIW5d1JvPKi12gbSU7WZephFqiuqk7ELp8gbUL0UPvjGbRNDZ7gjLd0z6313zn-Dxf3LGg0R25zdmY8B1y2YUQ31okvvboOZ-j9oAJ5qBnS7G0RUvOK6dv0wsoYJgtcTbkkg5VvUeGEyAG0hUCzFW9muloaEWw94jnZC56l5ZoyNiS8kHhIpkoas3H0;rtbtest=0
Frame ID: FA046AEA0038C1695E4A83918472E2F3
Requests: 15 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Frame ID: 2E08EE5FFD2CA4F9D220C269F99A7CFA
Requests: 17 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: 83AF9F1301BF650B2977A18B0EFDF104
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Frame ID: 70AFAD3E00B58CD27676D607CECFA71F
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=G5dNE2nHJFkQJyrEvGuU&pi=admatic&tc=1
Frame ID: FDD9CCD1AEBE4EE015FCC1BD49DFE559
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 3447897B2C7E02D2A4226D3E0DC39679
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 5C6C15C1BBF63EAE9A0BB9C4716DB48F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: A7AD6A2A0F3184DB5D2FEEB9DC59E47A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: CA3C763B62C8842E87317885E197E03F
Requests: 7 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: B26C110DC00AC30E9F15B8F6D31FFE22
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 74E631C4513ED5B6A0E4F94762330730
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: 738890508E773D573548185C2024761A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 420CDB296E73AFAA8A90283E8F818978
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4250c6da5369e790%26uid%3D
Frame ID: 02900BA6431915432617A5BEC5982642
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Frame ID: 3BBA4AE55664963AF6ACF2741C8E0059
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: E4183410C707CF93CDE5846FB9FB6DAA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: CBF9AF083A884AF6183D15237EE141C2
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361&cmp=0
Frame ID: 6F715DD672AE82DFF2D3391162B6BC30
Requests: 30 HTTP requests in this frame

Frame: https://b2c.instiengage.com/v3/pages/usertracking
Frame ID: 68BC801051E75CA295AEA0C8E9EA92AC
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: DE8509E9709A3D62AAC3FA83E8322C98
Requests: 11 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 8B2994DBDBDB3B17CDD8787545B2DECB
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AADDdpHt-SLn32Dk
Frame ID: C74DE9B6078379CC24395699893C8600
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 3D6294551DEFB742DA0EF2776755CB9A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 02206F2B707CC6B0CF1E6326A30B98C2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A1EEEE1660AB0A2A5410A6F27FEA5CA2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 914EDA1838A6EC9DD83B49CEC170EA52
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://sonichits.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 57C78115E3C1FCABC4C34BD00E86E708
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Frame ID: D3FA328D8F5DBC6A0F14F2988646149C
Requests: 10 HTTP requests in this frame

Frame: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Frame ID: 39A966C620286B45FF4A2B91D1E9E756
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D33XUSERID33X
Frame ID: 2B76EAABBE22298C6D19370EA36058F9
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FBE522A665690E0B6566B6F32C0EE403
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 77F11946473347E5A2DD50A47885F159
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 1144516A32530D5B1A689D127A995E0D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 58756D6CF6A03F9B6B5FA5D2C78D6DE6
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=74914c79-90c1-4c89-4363-8407cae771a6&zdid=1361&cmp=0
Frame ID: 79BBFFB414AF0156FC6C5737BABE7422
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7Cc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8&gdpr=0
Frame ID: D4B433EE9513A418C70C675D09CD89F6
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: E6A28C2D2CE4A9B119D8D1A12D557895
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1643687649319
Frame ID: DBF2F9D8EF6331840FECF7EF562347F3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: 7F81D14F631805AA92C2955EFD4397B6
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3FD9976B04C8FA39947A62E049878EEB
Requests: 2 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Frame ID: 36BF7257B3F071143A0157FA2140B346
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://sonichits.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 11ED8E8C53D423B5ED3BC9F2C0CB05F2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: DF1C34799E093BC4B0578137C1D2CF7F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Frame ID: CDC929D28DD03F59D4A74A69F128D47F
Requests: 21 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 93B2213E7097F384911416DF064C36ED
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 061B911AC5DE2A2FA360FDF3626F35FB
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=341fed9f-7e9e-4720-42ff-feeb5be3099f&zdid=1361&cmp=0
Frame ID: B030FF1FBF47CEDAEE103538068D8E89
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Frame ID: C12F5471D296B375A7F3EFB8F4B0C90C
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Frame ID: CD010256686CE0EFF89FA2884FD47C70
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Frame ID: BCE2497B7B6BE708A98F6AD0978B56C0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/?sellerid=101769
Frame ID: EFD4881E1D6421A9A0F7EBF2F6481EDB
Requests: 1 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Frame ID: ECDF3C758624487FB04BC1BD2E3A338C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: 616CDC62FDE4B584C4F8472EF5826AF6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Frame ID: 31DA9C7E05BE4F7410492C89B9D63DEA
Requests: 12 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 8A9EBB3B6FB20C6215FC348C4A590291
Requests: 2 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/eplanning/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=AADDdpHt-SLn32Dk
Frame ID: 1347D9239407D6BDF63A48CE1FA20C3C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=08F6A4C4-E2F6-4412-9D16-320F6F86208E
Frame ID: 0451EF1EB3E3311F31E6D596B705CF38
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1177796469199382528
Frame ID: 51E1C887A3D1C3BBFA09EA840B5C6322
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent=
Frame ID: A88C39EDDFD9F24493D6AA3DD0D76E8A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B69F0B3AF66FFB8E7B03C7AB3DA9C999
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059584701594794130
Frame ID: 057847F891FBB52D50F1FD777F48CF2F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yfiu4gAC2316UABH&gdpr=0&gdpr_consent=
Frame ID: FD0E7D1FFA8A8509ABAA5BC6A200DA4F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6tWI1Lm0Sa5X_Wl4Ajmw0LnVm6M
Frame ID: C01F0E71DAFFD66FACCDE7D06E3992C7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: C98361AD08706DED845756FF0F965C5B
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAq28U7D8V4AAGQX9Q76GQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: AB68D8BF1D8A718902E271EA0FD83799
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6EB0165DF80A0BDB99E04F8030C3512F
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: F4F16C3F1735F48B2C143F2EFE7765BF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Lbz5OTBYyzWQRwUhg77wYP2q
Frame ID: 6A9462C6A3FD21E7BE60BF478790E645
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 091860ED980FD4C5E53DEB59D3335315
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
Frame ID: 5FE6E141908237039A3DBF5C7B3AECE8
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 6D20B8EA6ED59B139A6FB41E3196FE6F
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c82be9ec-c8c0-404b-80ce-b6acec0e4f7b-tuct8f23465&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 9D4BAB4C5967CBCBAE3361D178DC89EF
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=662f81febc283255&uid=08F6A4C4-E2F6-4412-9D16-320F6F86208E
Frame ID: 28CE207FE1D5ADF4CFD3B1B8A7A4CDD4
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=919290435/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: 06532B76443F72A1604719E314E2B14B
Requests: 7 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=286186938/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Frame ID: 3FDBB362E23FB46A30A7B027F4218CA9
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SonicHits | Lyrics, Song Meanings, Music Videos, Full Albums & Artist Biographies

Page URL History Show full URLs

  1. http://sonichits.com/ HTTP 301
    https://sonichits.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

452
Requests

79 %
HTTPS

23 %
IPv6

120
Domains

200
Subdomains

137
IPs

19
Countries

3514 kB
Transfer

9115 kB
Size

170
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sonichits.com/ HTTP 301
    https://sonichits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://sonichits.com/artist_image/VGhlIFdlZWtuZA==/MzUyYmVhNWM3N2QwOTcyNmM3NGQwNzNlMDM2YTdhYTg=/extralarge HTTP 301
  • https://lastfm.freetls.fastly.net/i/u/300x300/dfd01019404313399f77999285f78aa9.webp
Request Chain 25
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsonichits.com%2F&domain=sonichits.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=tdQK-nxrMm02NnJZZEhWM3FiSGtEQnMyTGxDamxKaG9jN0xxUmNZUWgxMmtXNjJRU3hsaVhKeTRRK2t1MG9wOW5zQ0k0SFFEZWdocnkwcjZDMnBqaDRWL25iYnNVcWlmMStZaExiblVBdERodGduemxMUlVkaW04bzVnMHZROWptUVlwTXRWQXRkK0lRdlljaUR4SGRPeDhxM1NjUzhmaFhib1MzM0hVWW8zNFg4Z0d5YnV0cTZtRXpQM1pad3lEU2lUczhoR2Q0Nlh3V1Y0L1lyWUVvZ2tGT1F0S2wxYUtWMWJzNWFRV3FjMi8rYUo4PXw&cppv=2
Request Chain 67
  • https://ads.us.e-planning.net/pbjs/1/25987/1/sonichits.com/ROS?rnd=0.9179842140173755&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsonichits.com%2F HTTP 302
  • https://ads.us.e-planning.net/hb/1/25987/1/sonichits.com/ROS?ct=1&r=pbjs&rnd=0.9179842140173755&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsonichits.com%2F
Request Chain 95
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=9c608330-8312-11ec-9c89-1cf699440206 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=94&advUuid=9c6082f0-8312-11ec-9c89-1cf699440206
Request Chain 108
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=93&advUuid=114f25cb-5954-4e09-84eb-98c215022735
Request Chain 109
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=99&advUuid=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB
Request Chain 110
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D2364040295132926877994&advId=121&advUuid=2364040295132926877994 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2364040295132926877994
Request Chain 112
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=105&advUuid=5931503064749152372
Request Chain 123
  • https://sonichits.com/artist_image/RG9qYSBDYXQ=/ZGIzMzZlZjNhYTg0NmJkZTYyZDdkNTkwZjM1NmQ2YTA=/extralarge HTTP 301
  • https://lastfm.freetls.fastly.net/i/u/300x300/6a520a662b0d30646781d03ade00625a.webp
Request Chain 144
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=G5dNE2nHJFkQJyrEvGuU&pi=admatic&tc=1
Request Chain 167
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4250c6da5369e790 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4250c6da5369e790
Request Chain 171
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4250c6da5369e790 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 172
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4250c6da5369e790%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4250c6da5369e790&uid=5931503064749152372
Request Chain 173
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 182
  • https://ih.adscale.de/uu?cbfn=receive&t=1643687650 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1643687650&nut&uu=cf6937bf63e847439fbb39898d3c870c
Request Chain 200
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yfiu4UXV-pMn0Mb9Zg.AHAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yfiu4UXV-pMn0Mb9Zg.AHAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRmWx20kgNpQfz64XxslUc&google_cver=1&gdpr=1&google_hm=2
Request Chain 202
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB&dcc=t
Request Chain 203
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=0ag9nYb8PpfKr2jG0KF2lNaob8HKoW-VhvtgH2wY
Request Chain 204
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d50cac91-9524-4e91-bf6f-d6e31084eb0d
Request Chain 205
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 206
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643774050&gdpr=1
Request Chain 215
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=927d056e-bc5c-4e48-a65d-6022efd21e83&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Request Chain 217
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=59444c0f-47c1-4b1c-a915-855b519598a7&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Request Chain 221
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ff4cd8db-85ee-425b-8b51-cea42665a815&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 222
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=23836303013657515233819255571420157573&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Request Chain 224
  • https://bn01.er.bemail.it/zeotap.php?_bid=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022020104-33791-0.856804001643687642-1bd9d0bc50927ffc10136dd79153a05d&zdid=533&env=mWeb
Request Chain 225
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7059584701594794130&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Request Chain 226
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3
Request Chain 227
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361&bounce=1&random=3233827695 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=m.soF2yIo/AKTXWp3m4iPe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Request Chain 229
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=9ba0c5bf769f0eb3a0e9f7415e3b4051&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Request Chain 230
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-IHeykUVE2oqVNEcOoOlI0YHPoJFvDvNCCw--~A&zpartnerid=570&env=mWeb
Request Chain 231
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3YelikUR15lVxfBaf4I%2BAYycccVDaLt6%2BS41iYitP1U%3D
Request Chain 234
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361&_test=Yfiu4gAC2316UABH HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yfiu4gAC2316UABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361&_test=Yfiu4gAC2316UABH
Request Chain 235
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Request Chain 236
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Request Chain 237
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361&dcc=t
Request Chain 239
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Request Chain 245
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=cf6937bf63e847439fbb39898d3c870c&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=101&tpuid=BBID-01-03184016504723237-16514424
Request Chain 248
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=672ffa649af5c5af0ffecd05336c8757b1f40e780512a6adfe1b7850fabe7818&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
Request Chain 249
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c4863db5484f4b7e75f14a83b95d329f4b5d5314964a5fadba579fba75d9def9&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=42&gdpr=0&tpuid=8070419996045664251
Request Chain 250
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=a0c8f749280493137b8e268520e8ea8377c8d78d66232d21617b4c1d71ad455a&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7d6fe8ed-9583-40db-97ed-b81b14839a17&gdpr=0
Request Chain 255
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=4cb3af95eb0dcff58a999210b03a579769c6873913f9ab0ed784ed99f4b557bc&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent=
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=c2e3d7328edef441e45ceefc830d2a7dec65676ba623ea517f32fa7edf6e207a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?uid=c2e3d7328edef441e45ceefc830d2a7dec65676ba623ea517f32fa7edf6e207a&tpid=38&gdpr=0&tpuid=CAESEMqFba0L-UCy3jSWpkMiiUQ&google_cver=1
Request Chain 272
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=75&tpuid=5931503064749152372&gdpr=0
Request Chain 273
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=28c82514439f6a369de1907496a05127237f76bb77c8f39214c0046355e43e87&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=28c82514439f6a369de1907496a05127237f76bb77c8f39214c0046355e43e87&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/js?tpid=48&tpuid=449678f43063631e9634c7e685c77050
Request Chain 288
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=bf473738a36b8768d16b615a2c1d43&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l134f_7059584705884726182 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YmY0NzM3MzhhMzZiODc2OGQxNmI2MTVhMmMxZDQz&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFoCRoEZRfzgBwosANUDGN0&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=59444c0f-47c1-4b1c-a915-855b519598a7 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5931503064749152372 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/bf473738a36b8768d16b615a2c1d43?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-fr6EgRhE2oO1VTHDukQX3PwyGhA3JzciapNKP5lT~A HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=Ocn3Cw7e1NeKfa5&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8070419996045664251 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Yfiu4gAC2316UABH HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Request Chain 295
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8070419996045664251 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEJsx8YcOkXi3rqKDrNnHz3U&google_cver=1 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=&google_gid=CAESEJsx8YcOkXi3rqKDrNnHz3U&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 303
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admatic HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=Lbz5OTBYyzWQRwUhg77wYP2q&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id=
Request Chain 318
  • https://cs.admanmedia.com/sync/insticator_ssp?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%7B%24UID%7D HTTP 302
  • https://ex.ingage.tech/v1/sync/acuityads/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=ed9fe1139178481f1b1dbd3c68925cea524d8bdf
Request Chain 319
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D HTTP 302
  • https://ex.ingage.tech/v1/sync/amx/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=6a931c91-7038-4c9a-899b-b749e9a7ea20&gdpr=0
Request Chain 322
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ex.ingage.tech/v1/sync/sovrn/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=92d459ab911038721e233b8c
Request Chain 324
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dinsticator%26bsw_param%3Dd2d17e31-2696-46b0-b00f-55cdc506595c%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=7b259baefcab453787711792a7e19010&ssp=insticator&bsw_param=d2d17e31-2696-46b0-b00f-55cdc506595c&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ex.ingage.tech/v1/sync/bidswitch/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=d2d17e31-2696-46b0-b00f-55cdc506595c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 332
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 339
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D662f81febc283255 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Request Chain 340
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 345
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Request Chain 353
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=59444c0f-47c1-4b1c-a915-855b519598a7
Request Chain 354
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5931503064749152372
Request Chain 355
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=vrd6MC2g4zZbLYERTsJ40TXdLRW1Nf2V
Request Chain 356
  • https://sync.bfmio.com/syncb?pid=164 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=59444c0f-47c1-4b1c-a915-855b519598a7
Request Chain 357
  • https://sync.bfmio.com/syncb?pid=163 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=59444c0f-47c1-4b1c-a915-855b519598a7
Request Chain 358
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=9c6082f0-8312-11ec-9c89-1cf699440206
Request Chain 359
  • https://match.prod.bidr.io/cookie-sync/syn HTTP 303
  • https://match.prod.bidr.io/cookie-sync/syn?_bee_ppp=1
Request Chain 360
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor&zcc=1&cb=1643687653157 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5941950122 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/59444c0f-47c1-4b1c-a915-855b519598a7 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-05dcf6da-17ae-4824-9868-537bd0596a78-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-05dcf6da-17ae-4824-9868-537bd0596a78-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
Request Chain 361
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=3d158837-9bfd-4f41-b7cc-4e0ee2dc7033
Request Chain 362
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-QixlHJNE2uFaTYb_ToL276kUjWaEylZE~A
Request Chain 363
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
Request Chain 364
  • https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%% HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&uid=SZmkowr5598c&pid=83
Request Chain 368
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=DLuy315fp&dongle=u6nf
Request Chain 370
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM2NDA0MDI5NTEzMjkyNjg3Nzk5NA%3D%3D
Request Chain 372
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2364040295132926877994?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rEB9KjxE2oR4w2lupF4pps.v2jsSuk_gELORNehP8w--~A&dongle=0883
Request Chain 375
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2364040295132926877994 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2364040295132926877994&dcc=t
Request Chain 376
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 379
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 381
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D74914c79-90c1-4c89-4363-8407cae771a6%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=74914c79-90c1-4c89-4363-8407cae771a6&zdid=1361
Request Chain 388
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1177796469199382528
Request Chain 389
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent=
Request Chain 390
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 391
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059584701594794130
Request Chain 392
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yfiu4gAC2316UABH&gdpr=0&gdpr_consent=
Request Chain 393
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6tWI1Lm0Sa5X_Wl4Ajmw0LnVm6M
Request Chain 394
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 395
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFxMjhVN0Q4VjRBQUdRWDlRNzZHUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAq28U7D8V4AAGQX9Q76GQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAq28U7D8V4AAGQX9Q76GQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAq28U7D8V4AAGQX9Q76GQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 396
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 398
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Lbz5OTBYyzWQRwUhg77wYP2q
Request Chain 400
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5325624152 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/59444c0f-47c1-4b1c-a915-855b519598a7 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
Request Chain 402
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c82be9ec-c8c0-404b-80ce-b6acec0e4f7b-tuct8f23465&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CPakxOL2RBKdFjIPb4Ygjg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 405
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=670e61f8-aee2-4d00-9e0e-737cec3cd0b5
Request Chain 406
  • https://pixel.onaudience.com/?partner=214&mapped=08F6A4C4-E2F6-4412-9D16-320F6F86208E HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9ba0c5bf769f0eb3a0e9f7415e3b4051 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=5e05c569749a91c2
Request Chain 407
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhGNkE0QzQtRTJGNi00NDEyLTlEMTYtMzIwRjZGODYyMDhF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDdxrALkoqiCb2aWzwwc1a0&google_cver=1
Request Chain 410
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8070419996045664251
Request Chain 411
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59444c0f-47c1-4b1c-a915-855b519598a7
Request Chain 412
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5931503064749152372&gdpr=0&gdpr_consent=
Request Chain 413
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PI1aK2vZWSEnig9wPYQRIjuNCHcnhAgja94BajM0
Request Chain 415
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=08F6A4C4-E2F6-4412-9D16-320F6F86208E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-s88_VvRE2uXeHf3V3rGpZRBjgZ3fvUM-~A&gdpr=0&gdpr_consent=
Request Chain 416
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=4036ebeb-d23b-49bc-a86e-4519b621df76&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d2d17e31-2696-46b0-b00f-55cdc506595c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 417
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8627758794172146307&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 419
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e9137f87-11a3-4877-bbcb-c6347e272934&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 420
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 421
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5931503064749152372
Request Chain 424
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D341fed9f-7e9e-4720-42ff-feeb5be3099f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=341fed9f-7e9e-4720-42ff-feeb5be3099f&zdid=1361
Request Chain 434
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Yfiu4gAC2316UABH
Request Chain 444
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=&google_gid=CAESEJsx8YcOkXi3rqKDrNnHz3U&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 445
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8070419996045664251 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
Request Chain 451
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9ba0c5bf769f0eb3a0e9f7415e3b4051&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=23836303013657515233819255571420157573
Request Chain 453
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=9ba0c5bf769f0eb3a0e9f7415e3b4051&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=f1285982-ca3f-49e5-8d28-9d224b25660d
Request Chain 454
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/9ba0c5bf769f0eb3a0e9f7415e3b4051/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8627758794172146307
Request Chain 455
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5
Request Chain 456
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=d2d17e31-2696-46b0-b00f-55cdc506595c HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=d2d17e31-2696-46b0-b00f-55cdc506595c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=457c2c56-6a58-42a6-907f-0851a40479c3&ssp=admatic&expires=30&user_group=5&bsw_param=d2d17e31-2696-46b0-b00f-55cdc506595c HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id=

452 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sonichits.com/
Redirect Chain
  • http://sonichits.com/
  • https://sonichits.com/
439 KB
73 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f906bbd738834722cd04bd568b0269819071ab15365c2bb3d83f098507f84b1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=1209600
pragma
cache
expires
Tue, 15 Feb 2022 03:54:08 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAq935cD9BS0JnCrwWPCMdLNPtjAX3ql6Ck3h%2FvsOHOea6jvV8j53Oem1IrbMLQCZr5fwtzixKG%2BAPIYEaTiU3awcO0ZaFHho7eBZCwuTIRh%2FLRLu8BLHu6q12rSHsl%2FyuYbPd6LAhuo6tY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d683c978ec391e4-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Tue, 01 Feb 2022 03:54:07 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://sonichits.com/
Cache-Control
max-age=600
Expires
Tue, 01 Feb 2022 04:04:07 GMT
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8MNJk9xAudqBv3Y0NU9zNe3znJLCfNyi%2Bi8IqKAisLM3kc6OmeKVlpssWhCp5Ox6gGKTs2WNpmaM7eXftMAccs5RFpWnnepNpTKudf19HLLQb370TJq1x4SGqaMrXGxwMn6f9dXpM0nWnA%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6d683c95cccd9177-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sddefault.jpg
i.ytimg.com/vi/VafTMsrnSTU/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/VafTMsrnSTU/sddefault.jpg
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a566ffc37f2f21ae0ac468ff2353d8a58b738bb472432ebc024bfb0092976e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:45:13 GMT
x-content-type-options
nosniff
age
535
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29374
x-xss-protection
0
server
sffe
etag
"1641614603"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Feb 2022 05:45:13 GMT
fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
product.instiengage.com/product-loader-code/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/product-loader-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:f600:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
U2OtfTWOSHvj3rXdu2HKyOUJbBCpHIUn
content-encoding
br
last-modified
Fri, 19 Nov 2021 16:37:52 GMT
server
AmazonS3
age
3302
etag
W/"3e178191a86d02cb48d2376422824cdd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Tue, 01 Feb 2022 03:02:55 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
ec5w_zQfQ4EPPo9wGwZjzSiudobMLA25IuNv2naEXj9RUaRXw_-t4A==
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-48241384-2
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ecdc9ce783348836e3d200a44a3fb945e65bce418a9dd572884319b838f34aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36053
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Feb 2022 03:54:08 GMT
/
sonichits.com/js/ 		331 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sonichits.com/js/?v=1636681992
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59fce0e5467af585c1a1a438682aa4eefc9b8d7c2dedd34ca408057d6e69366f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
584107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
cache
last-modified
Tue, 25 Jan 2022 09:39:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svC%2B3pdKJVABV%2BE%2FLzaXvQo6WUxTcznLN4d0x2qJobi0vE%2B3jiAx6W3%2BIEpxvYnrMZgpfv7A2hFHDv%2FTMSLtM7sFwIOplF%2F6wxOVEqeamlrru8rh0EgL9YJE1mLiIy0GZO6tQapNBGDSujE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
6d683c9b5baa91e4-FRA
expires
Wed, 25 Jan 2023 09:39:01 GMT
fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		124 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:1c00:1c:386f:ec80:21 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cd82a16c99adaca8e8f468f454a2a5d8910747f984a288f6e4d5cf07c4eb3ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
23xzp7qhP5PRMA.rZc04iibcCoyC0Yv1
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 19:43:10 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
W/"a4a8a99a4dd86c05e7f29255ed0b824e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Tue, 01 Feb 2022 03:54:08 GMT
x-amz-cf-id
-vrHn5fhYcX-B8SIQI5VUoHEOH59HvIp-gItuknjvB0teJzEHbGnPg==
AGSKWxWNmYbyOIjq6k37UAGcxdmWhzyoc-5NKtBmkD5AI5q3kLey80Sxu_XDCBCPJ6BG7nDNc2ZYgzWx10mB_Mwt0ls=
fundingchoicesmessages.google.com/f/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWNmYbyOIjq6k37UAGcxdmWhzyoc-5NKtBmkD5AI5q3kLey80Sxu_XDCBCPJ6BG7nDNc2ZYgzWx10mB_Mwt0ls=
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31d37c63b368feb042b61d6af4b25aa5bc761ece3dd73a4b9dd69afe650f1e8c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xmJC6GFw5aavWvlYnIXO5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-xmJC6GFw5aavWvlYnIXO5Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xmJC6GFw5aavWvlYnIXO5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-xmJC6GFw5aavWvlYnIXO5Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
414a1a2d9428825f15596c5a8ed05c076da4242ad07c8a2843a58e9bbd763f26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27269
x-xss-protection
0
server
sffe
etag
"1118 / 613 of 1000 / last-modified: 1643670388"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 01 Feb 2022 03:54:08 GMT
close_48.png
cdn.clickfuse.com/overlay/images/ 		788 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clickfuse.com/overlay/images/close_48.png
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d685aacbfdc4b9019d05c149697b612f4dac768d20fbb40d38b461943cd5dd7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 06:32:57 GMT
Via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 16 Oct 2018 21:35:47 GMT
Server
AmazonS3
Age
76875
ETag
"1fd77d0889e08c6dbafaefd2a12f77cc"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Accept-Ranges
bytes
Content-Length
788
X-Amz-Cf-Id
41zOvciZbSKC-inqWT0RDzEICYbG9tagd1OrYYDyo-HwkgQX06EUtg==
dfd01019404313399f77999285f78aa9.webp
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain
  • https://sonichits.com/artist_image/VGhlIFdlZWtuZA==/MzUyYmVhNWM3N2QwOTcyNmM3NGQwNzNlMDM2YTdhYTg=/extralarge
  • https://lastfm.freetls.fastly.net/i/u/300x300/dfd01019404313399f77999285f78aa9.webp
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lastfm.freetls.fastly.net/i/u/300x300/dfd01019404313399f77999285f78aa9.webp
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Server
2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty/1.7.7.2 /
Resource Hash
2db94632401f3d331de21fbdb6a8db8f2fb2daac228feb56ea14f613c4a83024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
via
1.1 varnish
age
2340917
x-cache
HIT
content-length
16302
x-served-by
cache-hhn4044-HHN
server
openresty/1.7.7.2
x-timer
S1643687649.937129,VS0,VE1
etag
"5e80cf471aa2d34d000fed93955ea72b8718704e"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=311040000; public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1

Redirect headers

pragma
cache
date
Tue, 01 Feb 2022 03:54:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2B1Bi8J3es2ZvrxKbvfzWoPATsuKCHyo7Glv3RIKYw%2F8iy0Na%2BN7poGe29aeNyi7HHNJ4KBhKjr057UHrvItTeSK36gbraCZu2rxUsGXkcgunIW8ozQYxBTwlpY6hnIrUKwbRgIoogoeHB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://lastfm.freetls.fastly.net/i/u/300x300/dfd01019404313399f77999285f78aa9.webp
cache-control
public, max-age=1209600
cf-ray
6d683c9b5bab91e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 15 Feb 2022 03:54:08 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d614d0c48799621b4301a34a64082f6adbe66439a52aa5ab2541c1704ea43f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c06789e2affc2b5ecfdfb35d1cc9f2d766bdd995cb10d9e7257609503e282aa4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/jpeg
tf.php
sonichits.com/ Frame 329B 		818 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sonichits.com/tf.php?a=The%20Weeknd&t=Sacrifice
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec469f8d265e67b6eaa8c7797976d9763a36ecab9adcb25c6cc3add8015a7158

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=3153600000
pragma
cache
expires
Thu, 08 Jan 2122 03:54:08 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOPpI0u9TFvrNas8yVyp8BATTaHl9fz%2B%2BDS%2BQGpUvoz3bC%2Fjv%2Fzjsxj0zpe8FIrHSjXhKZmG2n2OTU0X748IQNsqhq5RpBwgMBI1Go2LuU4L4v1dVcLVRW2CgMSIdxCvHE61W4y5v0dYmUs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d683c9b7e679214-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
geoip.insticator.com/json/ 		243 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash
69fa96ddf7d8a75e81ee6d9620e3dcee3fc235557811f6f0b38344a064621d43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:08 GMT
access-control-allow-credentials
true
x-database-date
Mon, 31 Jan 2022 22:59:37 GMT
content-length
243
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 8832 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
9196a755-0365-49ce-9123-8ca2627ea7d2
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		265 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:5800:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2845cabf9c5cdc91fce9a638ed5d0da542e6987b18eafdaa5338b4e8e27ac3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
qyrPKCv06UovgHdGDr9iglELfGt85mlO
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 04:46:01 GMT
server
AmazonS3
age
85374
etag
W/"5b30ef832b67fef7fba516b9104f1199"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
date
Mon, 31 Jan 2022 07:35:23 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
KBtIyNAG0hrEho7BJQEQRBGhfV4v3NCQ7KOajkNv9Z17O3P-0OOFYg==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/6114/ 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bc9ae2a6e821a0f3ba11ed872830e2eb7441c61c9ab9b388fff4119a257839d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 17:51:27 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121c93-33521-5d3aba7910ef1"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=170139
accept-ranges
bytes
content-type
text/javascript
content-length
66188
expires
Thu, 03 Feb 2022 03:09:47 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		586 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1121966eef3bbe6e63d5605c2386a620b6aa6e834276437b50d4df3bed193059

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:08 GMT
Content-Encoding
gzip
Age
925
X-Cache
HIT
Connection
keep-alive
Content-Length
85972
x-amz-id-2
fiiIImQoNLHkFQiPGJZu7LorSggJyeAC31Phy5DwbEXVdRLVE3Q/AZzTC+gsyFG5gR88DwmNTXo=
X-Served-By
cache-hhn4025-HHN
Last-Modified
Tue, 01 Feb 2022 03:33:21 GMT
Server
AmazonS3
X-Timer
S1643687649.640528,VS0,VE0
ETag
"ba39e3ed8f6c878a2381ef86a1a81c55"
x-amz-request-id
35CXBNEHWM9D9BRD
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
13
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 18:02:42 GMT
server
AmazonS3
age
19743
etag
W/"51ed6db266476896c6fe9a06992898e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Tue, 01 Feb 2022 03:09:13 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
fkHkla6bz0sxNA4benbVARh_cZua8tIqH5KdxyVCQ6iQhPKIvHu1JQ==
index.html
auth.instiengage.com/auth/ Frame A017 		73 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:f600:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

content-type
text/html
content-length
73
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
accept-ranges
bytes
server
AmazonS3
date
Tue, 01 Feb 2022 03:49:44 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
x-cache
Hit from cloudfront
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
BzXVfRQ1yBs-uS-ZoJ0jatSWIZ8UepJzN5A7mFqmAX7oFBW_ce3hrg==
age
265
bundle.js
auth.instiengage.com/auth/ Frame A017 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:f600:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
jkvVs5l1bdD4_CiNx2O8LCKAIlX14uq9
content-encoding
br
last-modified
Thu, 28 Oct 2021 14:58:37 GMT
server
AmazonS3
age
123
etag
W/"3f019eeba204464fe4c8dad30cf9150b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
date
Tue, 01 Feb 2022 03:52:06 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
N9zsbuSK1FoTrLfwrEL0SABqu1dTrE7exBhQiFTPT89b4hPZNb7_tw==
tf.php
sonichits.com/ Frame 5008 		818 B
989 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sonichits.com/tf.php?s=1&a=The%20Weeknd&t=Sacrifice
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2126e9d02d5b533c4462365017448f72ec413879c7b94c78c27cc6e5bc3fea97

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=3153600000
pragma
cache
expires
Thu, 08 Jan 2122 03:54:08 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZIuZZ3NLUqpkQM5gq90vssFcS9CbtODwoKDDLtBYFV5P%2FKt09ws2Gwt7s1FX3emUyVKYqjZSvKhNtWYU14c7kDDyFppfgLGK78kYIy3KPwXJHCdFZDdTFheRgLESuNiZaAUNXi73L91cFg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d683c9c1ee19214-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
onetag-geo.s-onetag.com/ 		555 B
960 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 18:32:21 GMT
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
age
33707
x-amzn-requestid
e7f96d82-60d5-41a1-af88-51b9bbb89f4f
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3, FRA56-P5
x-amz-apigw-id
M0uwYE2siYcFfZg=
content-length
555
x-amz-cf-id
7TL43WEZplmyiQTDoLwnFsemWqcuAglfU0-lZuYFarNQv_Y7xtNjsQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.90.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-90-11.lhr62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding
gzip
etag
W/"ea838863b2b3bf40d1353c99808a5464"
last-modified
Tue, 09 Nov 2021 13:26:48 GMT
server
AmazonS3
age
72943
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8eab33758f7a9d7a7d13481eabebea68.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 31 Jan 2022 07:38:26 GMT
x-amz-cf-pop
LHR62-C4
x-amz-cf-id
pBhLiOiKWZIj-N7YliTrTR56PMAf-uUA9D4Nv3Km4IT7uoEP9FvxHw==
truncated
/ 		356 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ea321d799e3ff43961ab684a14e65597b43c744a90238064f9bfc8e3c626916

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/jpeg
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsonichits.com%2F&domain=sonichits.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://sonichits.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://sonichits.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1674
date
Tue, 01 Feb 2022 03:54:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsonichits.com%2F&domain=sonichits.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=tdQK-nxrMm02NnJZZEhWM3FiSGtEQnMyTGxDamxKaG9jN0xxUmNZUWgxMmtXNjJRU3hsaVhKeTRRK2t1MG9wOW5zQ0k0SFFEZWdocnkwcjZDMnBqaDRWL25iYnNVcWlmMStZaExiblVBdERodGduemxMUlVkaW04bzVnMH...
350 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tdQK-nxrMm02NnJZZEhWM3FiSGtEQnMyTGxDamxKaG9jN0xxUmNZUWgxMmtXNjJRU3hsaVhKeTRRK2t1MG9wOW5zQ0k0SFFEZWdocnkwcjZDMnBqaDRWL25iYnNVcWlmMStZaExiblVBdERodGduemxMUlVkaW04bzVnMHZROWptUVlwTXRWQXRkK0lRdlljaUR4SGRPeDhxM1NjUzhmaFhib1MzM0hVWW8zNFg4Z0d5YnV0cTZtRXpQM1pad3lEU2lUczhoR2Q0Nlh3V1Y0L1lyWUVvZ2tGT1F0S2wxYUtWMWJzNWFRV3FjMi8rYUo4PXw&cppv=2
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
04707005e04ea48b90c93e8ff1a0ac6e2b5be4b733579c9a683a3e3cc0e89bfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2619
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:08 GMT
location
https://mug.criteo.com/sid?cpp=tdQK-nxrMm02NnJZZEhWM3FiSGtEQnMyTGxDamxKaG9jN0xxUmNZUWgxMmtXNjJRU3hsaVhKeTRRK2t1MG9wOW5zQ0k0SFFEZWdocnkwcjZDMnBqaDRWL25iYnNVcWlmMStZaExiblVBdERodGduemxMUlVkaW04bzVnMHZROWptUVlwTXRWQXRkK0lRdlljaUR4SGRPeDhxM1NjUzhmaFhib1MzM0hVWW8zNFg4Z0d5YnV0cTZtRXpQM1pad3lEU2lUczhoR2Q0Nlh3V1Y0L1lyWUVvZ2tGT1F0S2wxYUtWMWJzNWFRV3FjMi8rYUo4PXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2091
content-length
482
expires
0
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201261844/ 		185 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201261844/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
481f91bab5bfe29d46a7c0890dc6d1780018692ef4920bf441db8b18698700a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:08 GMT
Content-Encoding
gzip
Age
331
X-Cache
HIT
Connection
keep-alive
Content-Length
60220
x-amz-id-2
prkQWAqZYqO7zf9LGKSVlt6TnLM0sW5OULDloaPWeYffy/k7eI9tzJq8PciVgxOKA8gAPTp2fHRzXN1TNgEQAg==
X-Served-By
cache-hhn4025-HHN
Last-Modified
Wed, 26 Jan 2022 23:45:59 GMT
Server
AmazonS3
X-Timer
S1643687649.727976,VS0,VE0
ETag
"f04b0f11b8b9282146c128d90ea7d4f2"
x-amz-request-id
JPTMXS86BZ749515
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
110
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48241384-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1154
date
Tue, 01 Feb 2022 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 01 Feb 2022 05:34:54 GMT
AGSKWxUbH8_lORhaAuOaOvmKvj0v5Eke8ha5MwYV2h1QgBqR8loQ7l2C4aH-ybyTBPEZF9Vf4_Na59DZAarDJlia-Fw=
fundingchoicesmessages.google.com/el/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbH8_lORhaAuOaOvmKvj0v5Eke8ha5MwYV2h1QgBqR8loQ7l2C4aH-ybyTBPEZF9Vf4_Na59DZAarDJlia-Fw=?pvid=08206049-0B55-49DC-B3E2-BCB1CB1228F9&anonid=803541A0-18A8-402C-9895-1DC1A221CF6C
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.imt69GR8JL4.es5.O/d=1/rs=AJlcJMyJzd9a5YNXe2z0Iu9kcd0-Ifi5Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0xCRAjc4nJyA9xBFdrCf1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0xCRAjc4nJyA9xBFdrCf1g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0xCRAjc4nJyA9xBFdrCf1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0xCRAjc4nJyA9xBFdrCf1g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWcBh7fsCtC9j44MhHHgesNNfLLj6egly4Xptnu-XH8qBGy4Zcq2lvJxLu0lt8tHLbyWo_YaQshSwITEU3JX9c=
fundingchoicesmessages.google.com/f/ 		256 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWcBh7fsCtC9j44MhHHgesNNfLLj6egly4Xptnu-XH8qBGy4Zcq2lvJxLu0lt8tHLbyWo_YaQshSwITEU3JX9c=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNjg3NjQ4LDc4NDAwMDAwMF0sIjA4MjA2MDQ5LTBCNTUtNDlEQy1CM0UyLUJDQjFDQjEyMjhGOSIsIjgwMzU0MUEwLTE4QTgtNDAyQy05ODk1LTFEQzFBMjIxQ0Y2QyIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3NvbmljaGl0cy5jb20vIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.imt69GR8JL4.es5.O/d=1/rs=AJlcJMyJzd9a5YNXe2z0Iu9kcd0-Ifi5Qw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83f29db414a40f2f956726cee20099b4efdaf5002f915efc36928e4bdbca190d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7QQV1YC5ycsQiM57LsiC5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-7QQV1YC5ycsQiM57LsiC5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7QQV1YC5ycsQiM57LsiC5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-7QQV1YC5ycsQiM57LsiC5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
token
eua.instiengage.com/v1/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://auth.instiengage.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://auth.instiengage.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
token
eua.instiengage.com/v1/auth/ Frame A017 		864 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
3c423e674638442afef985aa2c86864d7238a30af166f3a9d6b05c3ea4b90035

Request headers

Referer
https://auth.instiengage.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Tue, 01 Feb 2022 03:54:09 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
pubads_impl_2022012701.js
securepubads.g.doubleclick.net/gpt/ 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 00:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122333
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 09:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Feb 2023 00:52:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		204 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sonichits.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
49b480e0fc70d5f129fbc2a0d69c232b70e61c16d1a64b2d86f5fe5ef6ec427f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124
x-xss-protection
0
expires
Tue, 01 Feb 2022 03:54:08 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tdQK-nxrMm02NnJZZEhWM3FiSGtEQnMyTGxDamxKaG9jN0xxUmNZUWgxMmtXNjJRU3hsaVhKeTRRK2t1MG9wOW5zQ0k0SFFEZWdocnkwcjZDMnBqaDRWL25iYnNVcWlmMStZaExiblVBdERodGduemxMUlVkaW04bzVnMHZROWptUVlwTXRWQXRkK0lRdlljaUR4SGRPeDhxM1NjUzhmaFhib1MzM0hVWW8zNFg4Z0d5YnV0cTZtRXpQM1pad3lEU2lUczhoR2Q0Nlh3V1Y0L1lyWUVvZ2tGT1F0S2wxYUtWMWJzNWFRV3FjMi8rYUo4PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1353
date
Tue, 01 Feb 2022 03:54:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
apricots.js
srv.tunefindforfans.com/fruits/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/fruits/apricots.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.153.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Amazon) /
Resource Hash
b3d53ed27cdc38447919a51a6ab9de8b68d6d257c138dddf4adb2cccb2eff24d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 17:53:55 GMT
server
Apache/2.4.52 (Amazon)
etag
"a072-5d6e477d9d62e-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=60, public
accept-ranges
bytes
content-length
13689
expires
Tue, 01 Feb 2022 03:55:08 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=293997418&t=pageview&_s=1&dl=https%3A%2F%2Fsonichits.com%2F&ul=en-us&de=UTF-8&dt=SonicHits%20%7C%20Lyrics%2C%20Song%20Meanings%2C%20Music%20Videos%2C%20Full%20Albums%20%26%20Artist%20Biographies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1142480777&gjid=1972581951&cid=1060605773.1643687649&tid=UA-48241384-2&_gid=462759324.1643687649&_r=1&gtm=2ou1q0&z=1684957793
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
apricots.js
srv.tunefindforfans.com/fruits/ Frame 329B 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/fruits/apricots.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/tf.php?a=The%20Weeknd&t=Sacrifice
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.153.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Amazon) /
Resource Hash
b3d53ed27cdc38447919a51a6ab9de8b68d6d257c138dddf4adb2cccb2eff24d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 19:43:46 GMT
server
Apache/2.4.52 (Amazon)
etag
"a072-5d6e600b93c8d-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=60, public
accept-ranges
bytes
content-length
13689
expires
Tue, 01 Feb 2022 03:55:08 GMT
css
fonts.googleapis.com/ 		54 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.n7fxTjLnmg0.es5.O/d=1/rs=AJlcJMwXw0Ts5RCy0t3t9X40_oPLH0PCdg/m=iabtcfv2wallscript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a3868c61ca885220fcbe768210f995e928e578050c68a425acd82688adba5be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 03:54:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 01 Feb 2022 03:54:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Feb 2022 03:54:09 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-48241384-2&cid=1060605773.1643687649&jid=1142480777&gjid=1972581951&_gid=462759324.1643687649&_u=YEBAAUAAAAAAAC~&z=1141322987
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 01 Feb 2022 03:54:09 GMT
content-type
text/plain
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUKE7HR8jYzybCfy4bwRKX-29v0lwPocQ2Z5ISrUEGB91uL4HxlwVv6F2BC6voRKPywOUjKmKGCade8adJqthJnCVH3LaSRBa2Kp9_ol-eSFsRRbxj7ZwEpWzBVnWGHj7vE4DhnPGDBsCfKi5ueMyrxY3Lxc3mQkp1efGlyY3cA9xSJqb5czMYaSfpM
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUKE7HR8jYzybCfy4bwRKX-29v0lwPocQ2Z5ISrUEGB91uL4HxlwVv6F2BC6voRKPywOUjKmKGCade8adJqthJnCVH3LaSRBa2Kp9_ol-eSFsRRbxj7ZwEpWzBVnWGHj7vE4DhnPGDBsCfKi5ueMyrxY3Lxc3mQkp1efGlyY3cA9xSJqb5czMYaSfpM?dmid=dc1aaa8f14ac471c
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.n7fxTjLnmg0.es5.O/d=1/rs=AJlcJMwXw0Ts5RCy0t3t9X40_oPLH0PCdg/m=iabtcfv2wallscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-b6/SSC0LD7x7aFzpyl0RXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-b6/SSC0LD7x7aFzpyl0RXg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-b6/SSC0LD7x7aFzpyl0RXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-b6/SSC0LD7x7aFzpyl0RXg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
adunit.php
srv.tunefindforfans.com/showads/ 		829 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/showads/adunit.php?id=100004491&di=&subtag=&search=&artist=The%20Weeknd&song=Sacrifice&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1643687649056
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.153.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Amazon) /
Resource Hash
2f4c8aa18adcd43ea491199764b7d818b9c5c68bd0691c940c4fde3aa6bae877

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
cache-control
no-cache, must-revalidate
content-type
text/javascript;charset=UTF-8
server
Apache/2.4.52 (Amazon)
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="/w3c/p3p.xml"
content-length
829
expires
Sat, 26 Jul 1997 05:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-48241384-2&cid=1060605773.1643687649&jid=1142480777&_u=YEBAAUAAAAAAAC~&z=86371689
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-48241384-2&cid=1060605773.1643687649&jid=1142480777&_u=YEBAAUAAAAAAAC~&z=86371689
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adunit.php
srv.tunefindforfans.com/showads/ Frame 329B 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/showads/adunit.php?id=100004322&di=cf_async_824179034&subtag=&search=&artist=The%20Weeknd&song=Sacrifice&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=490&abf=0&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=1&pe=&ph=&pf=&fh=&mo=undefined&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1643687649062
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.153.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Amazon) /
Resource Hash
a20f90e11639ad795b66015af8021746e1521e4c4afafcc0d335c936c33e11e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
cache-control
no-cache, must-revalidate
content-type
text/javascript;charset=UTF-8
server
Apache/2.4.52 (Amazon)
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="/w3c/p3p.xml"
content-length
3035
expires
Sat, 26 Jul 1997 05:00:00 GMT
apricots.js
srv.tunefindforfans.com/fruits/ Frame 5008 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/fruits/apricots.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=The%20Weeknd&t=Sacrifice
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.153.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Amazon) /
Resource Hash
b3d53ed27cdc38447919a51a6ab9de8b68d6d257c138dddf4adb2cccb2eff24d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 17:51:45 GMT
server
Apache/2.4.52 (Amazon)
etag
"a072-5d6e4701760c6-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=60, public
accept-ranges
bytes
content-length
13689
expires
Tue, 01 Feb 2022 03:55:09 GMT
adunit.php
srv.tunefindforfans.com/showads/ Frame 5008 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/showads/adunit.php?id=100004323&di=cf_async_412499892&subtag=&search=&artist=The%20Weeknd&song=Sacrifice&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=750&abf=0&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=1&pe=&ph=&pf=&fh=&mo=undefined&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1643687649100
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.153.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Amazon) /
Resource Hash
a76e922fc7e20cc18cc00d33a45194fa199bf7000998bc184d919ccf35c1e83b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
cache-control
no-cache, must-revalidate
content-type
text/javascript;charset=UTF-8
server
Apache/2.4.52 (Amazon)
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="/w3c/p3p.xml"
content-length
3035
expires
Sat, 26 Jul 1997 05:00:00 GMT
imp.php
srv.tunefindforfans.com/showads/track/ Frame 329B 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv.tunefindforfans.com/showads/track/imp.php?cid=99928959&aid=100004322&artist=The+Weeknd&song=Sacrifice&search=&b=Chrome_97&cs=1&uri=https%3A%2F%2Fsonichits.com%2F&t=1643687649&subtag=&ldmo=&adid=12911781&creative_id=500137385&caph=0&capv=0&atv=old
Requested by
Host: sonichits.com
URL: https://sonichits.com/tf.php?a=The%20Weeknd&t=Sacrifice
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.153.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Amazon) /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
cache-control
no-cache, must-revalidate
server
Apache/2.4.52 (Amazon)
content-type
image/gif
content-length
42
expires
Sat, 26 Jul 1997 05:00:00 GMT
flex.min.css
srv.tunefindforfans.com/showads/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://srv.tunefindforfans.com/showads/css/flex.min.css
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/showads/adunit.php?id=100004491&di=&subtag=&search=&artist=The%20Weeknd&song=Sacrifice&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1643687649056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.153.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Amazon) /
Resource Hash
d0bdffc356ed0615540f4cac598814aeb24dbfe2a3ae87c5292dac0dfd35db20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 17:14:51 GMT
server
Apache/2.4.52 (Amazon)
etag
"12d8-5d3d360568ef9-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=60, public
accept-ranges
bytes
content-length
1347
expires
Tue, 01 Feb 2022 03:55:09 GMT
liveView.php
live.primis.tech/live/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/showads/adunit.php?id=100004491&di=&subtag=&search=&artist=The%20Weeknd&song=Sacrifice&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1643687649056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4aaa273d9d55db2a5558af6a893500f7a8884d4f21ddb3117d8832c9d5005612

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v121/ 		119 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v121/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:29:21 GMT
x-content-type-options
nosniff
age
548688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121784
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 19:29:21 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 00:14:34 GMT
x-content-type-options
nosniff
age
531575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 00:14:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 23:24:32 GMT
x-content-type-options
nosniff
age
534577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31272
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 23:24:32 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:14:48 GMT
x-content-type-options
nosniff
age
520761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24756
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 03:14:48 GMT
imp.php
srv.tunefindforfans.com/showads/track/ Frame 5008 		42 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv.tunefindforfans.com/showads/track/imp.php?cid=99928959&aid=100004323&artist=The+Weeknd&song=Sacrifice&search=&b=Chrome_97&cs=1&uri=https%3A%2F%2Fsonichits.com%2F&t=1643687649&subtag=&ldmo=&adid=12911781&creative_id=500137385&caph=0&capv=0&atv=old
Requested by
Host: sonichits.com
URL: https://sonichits.com/tf.php?s=1&a=The%20Weeknd&t=Sacrifice
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.153.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Amazon) /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
cache-control
no-cache, must-revalidate
server
Apache/2.4.52 (Amazon)
content-type
image/gif
content-length
42
expires
Sat, 26 Jul 1997 05:00:00 GMT
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sonichits.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-length
0
vary
Origin, Access-Control-Request-Headers
access-control-allow-origin
https://sonichits.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
content-type
access-control-max-age
3600
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683c9fe9319259-FRA
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.43.4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sonichits.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 01 Feb 2022 03:54:09 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://sonichits.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
809493626
age
0
via
1.1 varnish
liveView.php
live.primis.tech/live/ Frame 20B4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727&x=640&y=440&cbuster=1643687649&pubUrlAuto=https%3A%2F%2Fsonichits.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
0771fd95016ce644415371f0276cf12cf266625dbb489b1e7577f4cfe57ec9e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
imp.php
srv.tunefindforfans.com/showads/track/ 		42 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv.tunefindforfans.com/showads/track/imp.php?cid=99928959&aid=100004491&artist=The+Weeknd&song=Sacrifice&search=&b=Chrome_97&cs=1&uri=https%3A%2F%2Fsonichits.com%2F&t=1643687649&subtag=&ldmo=&adid=12911681&creative_id=500137140&caph=0&capv=0&atv=old
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.153.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-153-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Amazon) /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
cache-control
no-cache, must-revalidate
server
Apache/2.4.52 (Amazon)
content-type
image/gif
content-length
42
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
sonichits.com/css/ 		55 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sonichits.com/css/?t=late&v=1628571030
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f7b4bbf3e4fcea26e790ff48c8d3fdd03399979d871d05c7f22885cdb9baea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
584107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
cache
last-modified
Tue, 25 Jan 2022 09:39:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJxSn0JSFdslHeh15PhWnycYYLWDHc7NDN4duZQ95BydJneK9Ex0OBaOPdITfTgOb3psc8uWZlOXwy%2B3aYZkYYs1qPfnbK67vCcuOgmU81XmfRHQoG2LcNxTgg5VHr8nLzbvnugFVcCUxAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
6d683c9f99559214-FRA
expires
Wed, 25 Jan 2023 09:39:02 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8d942962a01c4c93cf18a83256e0d5247c7818fb544153f020d566bdbb0e7b1f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 01 Feb 2022 03:54:09 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
02bdb4c7-da65-4c58-939b-fbeb3fdb01d5
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sonichits.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/213651/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/213651/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sonichits.com
pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
hb
ssc.33across.com/api/v1/ 		65 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b65d811829733883aa5577cf3396c91bd3be7e181348740ddf1f2a193a429d95

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sonichits.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		65 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0bdb28f3da9b2dc45c5347673a4d74d9917647a6d9389b789d8518e765bced98

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sonichits.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f8ffa52c4542ba54b0a20cf88b256462b35b538197559923ffc3e8aca5825191
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:09 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0b28299f-e749-41c4-9f6a-fa0804feb2ca
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sonichits.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ex.ingage.tech/v1/ 		2 KB
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d25539bcb164a14ea93a0e6e42a4bcc301997dac47eff54a51d04af796f4a1

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sonichits.com
access-control-allow-credentials
true
cf-ray
6d683ca14e0f693a-FRA
/
hb.emxdgt.com/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1643687649229&src=pbjs
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
ROS
ads.us.e-planning.net/hb/1/25987/1/sonichits.com/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/25987/1/sonichits.com/ROS?rnd=0.9179842140173755&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=4.43.4&ncb...
  • https://ads.us.e-planning.net/hb/1/25987/1/sonichits.com/ROS?ct=1&r=pbjs&rnd=0.9179842140173755&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=...
406 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/25987/1/sonichits.com/ROS?ct=1&r=pbjs&rnd=0.9179842140173755&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsonichits.com%2F
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
537f20031f37cc91a323366338e238058b5ae4b81ef61048d58b743fe6b59a05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://sonichits.com
expires
Tue, 01 Feb 2022 03:54:09 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
406
x-sid
AMS-731

Redirect headers

date
Tue, 01 Feb 2022 03:54:09 GMT
server
openresty
access-control-allow-origin
https://sonichits.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/25987/1/sonichits.com/ROS?ct=1&r=pbjs&rnd=0.9179842140173755&e=300x250_0%3A300x250%2C320x100%2C320x50%2B300x250_1%3A300x250&ur=https%3A%2F%2Fsonichits.com%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsonichits.com%2F
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-731
insticator
insticator.technoratimedia.com/openrtb/bids/ 		68 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.43.4
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
a70bc118863cd5964f9964c89f134894800f253b9e41ec684c0054dbffb21e46

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sonichits.com
access-control-allow-credentials
true
x-varnish
731444807
content-length
86
via
1.1 varnish
cygnus
htlb.casalemedia.com/ 		37 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=579236&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2225702d47e573d33%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsonichits.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22a21f07e9-5126-46ba-b531-0e6f3057443b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222693c0c9a7985dd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2227146785ef14f4f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22289d7a4c35ba875%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22297f3a61ec4fd93%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0ade01fc1039783b8856963a06bc1013101747fc7f28b66710f2989f94220b57

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.163], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://sonichits.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 01 Feb 2022 03:54:09 GMT
header
hb.aralego.com/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B432AEA26A786D069E96DDE27397A&tdid=&schain=1.0%2C1!insticator.com%2Ca21f07e9-5126-46ba-b531-0e6f3057443b%2C1%2C%2C%2C&eids=&host=sonichits.com&u=https%3A%2F%2Fsonichits.com&xr=0&ucfUid=110aa0c6-b82a-4944-acfe-0ab9511f3ed0&w=320&h=100
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:09 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B432AEA26A786D069E96DDE27397A&tdid=&schain=1.0%2C1!insticator.com%2Ca21f07e9-5126-46ba-b531-0e6f3057443b%2C1%2C%2C%2C&eids=&host=sonichits.com&u=https%3A%2F%2Fsonichits.com&xr=0&ucfUid=110aa0c6-b82a-4944-acfe-0ab9511f3ed0&w=300&h=250
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:09 GMT
access-control-allow-credentials
true
connection
close
prebid-request
onetag-sys.com/ 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://sonichits.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
trinity.json
apex.go.sonobi.com/ 		116 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2237bc27a32af76a1%22%3A%22762d5943d8c09455289e%7C320x100%2C320x50%2C300x250%22%2C%22389b3158171b923%22%3A%221c1541a93617ea6cc084%7C300x250%22%7D&ref=https%3A%2F%2Fsonichits.com%2F&s=aa93762a-3ba3-46d2-9fe6-f862bc0017c9&pv=ce140a51-7742-4ff5-b1a8-901e260847be&vp=desktop&lib_name=prebid&lib_v=4.43.4&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22a21f07e9-5126-46ba-b531-0e6f3057443b%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
193a42b6ed1ed56af5c65a73ada2affb24534d533f7d697f7cddf5f4c7c05fe0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:09 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://sonichits.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
141
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:09 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
arj
insticator-d.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsonichits.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6573ed8a-7fc8-4aa9-b242-d29a12487d91%2C5d883e42-f3f1-4441-a268-d4b4658211db&nocache=1643687649239&schain=1.0%2C1!insticator.com%2Ca21f07e9-5126-46ba-b531-0e6f3057443b%2C1%2C%2C%2C&aus=320x50%2C300x250%7C300x250&divids=div-insticator-ad-1%2Cdiv-insticator-ad-2&aucs=%2C&auid=545647789%2C545647789
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
bd25162bd79a386d9fc8dccdc0cf3b5d39e858786a7abf0cc2308621eea52334

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://sonichits.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js?_=1643687648575
Requested by
Host: sonichits.com
URL: https://sonichits.com/js/?v=1636681992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
date
Tue, 01 Feb 2022 03:54:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17857
expires
Tue, 01 Feb 2022 05:54:09 GMT
css2
fonts.googleapis.com/ 		5 KB
676 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;700&display=swap
Requested by
Host: sonichits.com
URL: https://sonichits.com/js/?v=1636681992
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0bcee2446f8299d948a41b137b2c52f37bbed3f15db0cb5382551339d6eab432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 03:54:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 01 Feb 2022 03:54:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Feb 2022 03:54:09 GMT
newsprite_retina3.png
sonichits.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonichits.com/img/newsprite_retina3.png
Requested by
Host: sonichits.com
URL: https://sonichits.com/css/?t=late&v=1628571030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61997e67cda6605b2e0762371d54b823af2f519eb37eacd10e721204125e28be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/css/?t=late&v=1628571030
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
584107
cf-polished
origFmt=png, origSize=5897
content-disposition
inline; filename="newsprite_retina3.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4824
last-modified
Fri, 06 Dec 2019 01:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1fO7geMiacPsBUK2r2pSVbPopZ6kaCL86qS%2FZNxZCrY1DY00zOWrZriSx0ZfWvmVg%2B0qbCpXo92t%2BhvRGD8VPE0gv5oVlsxqXTZwgc5tji%2BF6yYK4foBzpIZq0Iv0%2F21x%2FVU%2BI%2FJivEZlY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 24 Feb 2022 09:39:02 GMT
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6d683c9ff99d9214-FRA
cf-bgj
imgq:85,h2pri
truncated
/ 		755 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cb200de113f12a3afed5d5c7ea85276b402f32ff19bd8732cce5a997192235b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6e164ec87dafa0b43317a99b4912b38c43712d255beb48d79c91ad9ce37ecab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
relatedVideos
sonichits.com/api/ 		24 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sonichits.com/api/relatedVideos?artist=The+Weeknd&track=Sacrifice&cb=12022
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17c58acb7c55041f8df39903deb382768ef4b5ca697bbc54fd64e67c6a0ee032

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://sonichits.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX0ArBCXULeCAeQ9zi8cF6Z2l3IGW4m6P2exSHxbVp1qUXixiXK%2FlTf6uBzjlIkdngVE1IPKXjHhfw1KMUywUaISVTe5k48RlGyzon3mCGZnhymxnT14HyuKghgURsXvHBlvOExtSjTSn28%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sonichits.com/
cache-control
public, max-age=0
cf-ray
6d683ca019b19214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 01 Feb 2022 03:54:09
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 20B4 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727&x=640&y=440&cbuster=1643687649&pubUrlAuto=https%3A%2F%2Fsonichits.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 01 Feb 2023 03:54:08 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 20B4 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727&x=640&y=440&cbuster=1643687649&pubUrlAuto=https%3A%2F%2Fsonichits.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 01 Feb 2023 03:54:09 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 20B4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727&x=640&y=440&cbuster=1643687649&pubUrlAuto=https%3A%2F%2Fsonichits.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 01 Feb 2023 03:54:09 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 20B4 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727&x=640&y=440&cbuster=1643687649&pubUrlAuto=https%3A%2F%2Fsonichits.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 01 Feb 2023 03:54:08 GMT
prebidVid.5.18.0_8.min.js
live.primis.tech/content/prebid/ Frame 20B4 		478 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727&x=640&y=440&cbuster=1643687649&pubUrlAuto=https%3A%2F%2Fsonichits.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5fb143acb6c2530794155476810cebbd511a5b51399ae7ed92f77e6bf7d2cf55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 13:46:33 GMT
server
nginx
etag
W/"61e967b9-777e2"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 01 Feb 2023 03:54:09 GMT
liveVideo.php
live.primis.tech/live/ Frame 20B4 		621 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727&x=640&y=440&cbuster=1643687649&pubUrlAuto=https%3A%2F%2Fsonichits.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
34a4ce20fbf0912702b627e6bdf3e5efa91ad2eadb56fa016a7f5068413a438d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:27:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 01 Feb 2022 04:27:47 GMT
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 20B4 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:39:49 GMT
content-encoding
gzip
age
859
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
09Y2VARQYVTYDQ556N4J
etag
8d3665a9b316600491247ca6d78c204c
vary
Accept-Encoding
x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
OWKyPPRfqWtODNkq0_wdvkvNjvGN25EFoXhrn9HULSQElw3RmFExhw==
css
fonts.googleapis.com/ Frame 8D5C 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 02:23:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 01 Feb 2022 03:54:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Feb 2022 03:54:09 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 02:23:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 01 Feb 2022 03:54:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Feb 2022 03:54:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:59:49 GMT
x-content-type-options
nosniff
age
550460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 18:59:49 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9E90 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=155904
expires
Wed, 02 Feb 2022 23:12:33 GMT
date
Tue, 01 Feb 2022 03:54:09 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 0D25
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=94&advUuid=9c6082f0-8312-11ec-9c89-1cf699440206
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=94&advUuid=9c6082f0-8312-11ec-9c89-1cf699440206
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 03:54:09 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 01 Feb 2022 03:54:09 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=94&advUuid=9c6082f0-8312-11ec-9c89-1cf699440206
X-fe
6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame E49A 		43 B
131 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Tue, 01 Feb 2022 03:54:09 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame F55A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
6720100f58e20389c3add680bb69f6b1d4c894e34750aa263ac79940b43f4b5a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

Server
VertaMedia 1.0
Date
Tue, 01 Feb 2022 03:54:09 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
901
Access-Control-Allow-Origin
https://sonichits.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 20B4 		77 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1MmAyMxZ2nWRyo181ZwU4NmyvN2QkZDEkODUlMmElODt5JTJGqzyxNwFyYwZwMzQlNmVvNwY1MTx2ODIlOC5gpDQzqzyxX2NioaRyoaRsnWQ9MwA0ODtkOCZ2nWRsY29hqGVhqF9xZXNwPVBlnXyuozguK0Nbo3BlYSguozQeTzywnlgKo25uplgupzUeoz93K3BupzVhqHMzqzyxX2NioaRyoaRsqGy0oGU9UHJcrWFhn2EeQ2uipHJuK2FhZCgOnWNeK0ciozFmK2FlZSgho3pepGFlZW50plZ2nWRsY29hqGVhqF9xqXJuqGyiow02NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTYjNvZ5PTM0MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZmo25cY2ucqHMhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmIlRDMjMmE1RwMjMmU3RDqCNmMmMTM2MmpmOTMkMmAmNmM0N0Q3QwQmMmUmNmqEN0I1MmYmMmImOTp1NwE1NmRFNxY2MTU4NTI3QTRDNxQ0RTp2NwI1MTNEM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNEMmMTMkMmpmNmM1N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MTt1LwIkMl4kNTUhMTYmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5Nl4jLwQ2OTIhNmEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYzFhZHNcoaRiq24hY29gJTJDMTt5MlUlQmEzpGkurWVlQXBcSWQ9JzNmqXVcZD02MWY4YWVyMTM0OTQjJzNvqXN0ZXI9MTY0MmY4NmY0OTU3MSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1794779f1a4fb70a636d0a4ebe0fdd403095d091231210e2cacdf9166629ddc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://sonichits.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
7676
liveView.php
live.primis.tech/live/ Frame 20B4 		77 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1MmAyMxZ2nWRyo181ZwU4NmyvN2QkZDEkODUlMmElODt5JTJGqzyxNwFyYwZwMzQlNmVvNwY1MTx2ODIlOC5gpDQzqzyxX2NioaRyoaRsnWQ9MwA0ODtkOCZ2nWRsY29hqGVhqF9xZXNwPVBlnXyuozguK0Nbo3BlYSguozQeTzywnlgKo25uplgupzUeoz93K3BupzVhqHMzqzyxX2NioaRyoaRsqGy0oGU9UHJcrWFhn2EeQ2uipHJuK2FhZCgOnWNeK0ciozFmK2FlZSgho3pepGFlZW50plZ2nWRsY29hqGVhqF9xqXJuqGyiow02NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZmo25cY2ucqHMhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmIlRDMjMmE1RwMjMmU3RDqCNmMmMTM2MmpmOTMkMmAmNmM0N0Q3QwQmMmUmNmqEN0I1MmYmMmImOTp1NwE1NmRFNxY2MTU4NTI3QTRDNxQ0RTp2NwI1MTNEM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNEMmMTMkMmpmNmM1N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MTt1LwIkMl4kNTUhMTYmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5Nl4jLwQ2OTIhNmEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYzFhZHNcoaRiq24hY29gJTJDMTt5MlUlQmEzpGkurWVlQXBcSWQ9JzNmqXVcZD02MWY4YWVyMTM0OTQjJzNvqXN0ZXI9MTY0MmY4NmY0OTU3MSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e9472a765aaa6c8bf119aabbdb0803855eb04472e054a5b567d2c8b8156a306a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://sonichits.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
7668
liveView.php
live.primis.tech/live/ Frame 20B4 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1MmAyMxZ2nWRyo181ZwU4NmyvN2QkZDEkODUlMmElODt5JTJGqzyxNwFyYwZwMzQlNmVvNwY1MTx2ODIlOC5gpDQzqzyxX2NioaRyoaRsnWQ9MwA0ODtkOCZ2nWRsY29hqGVhqF9xZXNwPVBlnXyuozguK0Nbo3BlYSguozQeTzywnlgKo25uplgupzUeoz93K3BupzVhqHMzqzyxX2NioaRyoaRsqGy0oGU9UHJcrWFhn2EeQ2uipHJuK2FhZCgOnWNeK0ciozFmK2FlZSgho3pepGFlZW50plZ2nWRsY29hqGVhqF9xqXJuqGyiow02NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTYjNvZ5PTM0MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZmo25cY2ucqHMhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmIlRDMjMmE1RwMjMmU3RDqCNmMmMTM2MmpmOTMkMmAmNmM0N0Q3QwQmMmUmNmqEN0I1MmYmMmImOTp1NwE1NmRFNxY2MTU4NTI3QTRDNxQ0RTp2NwI1MTNEM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNEMmMTMkMmpmNmM1N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MTt1LwIkMl4kNTUhMTYmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5Nl4jLwQ2OTIhNmEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkYzFhZHNcoaRiq24hY29gJTJDMTt5MlUlQmEzpGkurWVlQXBcSWQ9JzNmqXVcZD02MWY4YWVyMTM0OTQjJzNvqXN0ZXI9MTY0MmY4NmY0OTU3NCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5b5da262b5f028a42707a671274f90ae3bae51974519325584fcec78762b779b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:08 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://sonichits.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3655
vid61eb6c2d275b6651968228_thumb.jpg
video.primis.tech/uploads/cn19/video/users/converted/28530/video_5f5879b7d1d11852312889/ Frame 8D5C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/28530/video_5f5879b7d1d11852312889/vid61eb6c2d275b6651968228_thumb.jpg?cbuster=1642818610
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
f89dbddf559988866ea9bb008354630f0f7fd9f82eb208ff5cac609808aaeb68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified
Sat, 22 Jan 2022 02:30:48 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"60a72fa33f12488a06847bfa847338e5"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 15 Feb 2022 03:54:09 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3282
x-amz-cf-id
u93cZ7fc6Im7zyHJlpCvIwKhmuUHt8LyHHa_jZE3wM-x25YpaC4xGg==
x-proxy-cache
HIT
vid61d6741042755616909475_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/29874/video_5ffd67c61a4a3816983584/ Frame 8D5C 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/29874/video_5ffd67c61a4a3816983584/vid61d6741042755616909475_thumb.jpg?cbuster=1641444401
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
94d2a42ab331781032ea9e3963d846efb4ce0a2f0b7e7c38181e505848aedcb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
via
1.1 d78b645a0212e56f1a04609bf83554e4.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jan 2022 04:48:06 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"1ed5f809bc79a761ae801432e5bda5f2"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 15 Feb 2022 03:54:09 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1469
x-amz-cf-id
ZlvgmoAU5gNylknm4Ty11zNdPghHtcVIsbQEYTAgm5GcEmC8zMgtiA==
x-proxy-cache
HIT
vid61f826643b358049828703_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/24485/video_5f6b15c140ca5496036553/ Frame 8D5C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/24485/video_5f6b15c140ca5496036553/vid61f826643b358049828703_thumb.jpg?cbuster=1643652725
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
a9c97ad607ee15393bf20e97304590bfefe3c1bb75d1028e6f6b58a2d997bb64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
last-modified
Mon, 31 Jan 2022 18:17:18 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"389160ebfe11245192d611d0d888176a"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 15 Feb 2022 03:54:09 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3559
x-amz-cf-id
E8DSOLZBK_OU1inHRlFx0dB0vDpvzRldWGG8lYubUETDlWrLndpwMg==
x-proxy-cache
HIT
vid61f884aae379d185339905_thumb.jpg
video.primis.tech/uploads/cn4/video/users/converted/24485/video_5f6b15c140ca5496036553/ Frame 8D5C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn4/video/users/converted/24485/video_5f6b15c140ca5496036553/vid61f884aae379d185339905_thumb.jpg?cbuster=1643676852
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
9846ee922dce007acfbf9975c01a92e41e5917f7eaff02de364becb337e56aea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified
Tue, 01 Feb 2022 01:05:18 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"53f28f8514699d2cb49cc220875cbbcb"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 15 Feb 2022 03:54:09 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2803
x-amz-cf-id
hEJkMaS1Eae3Om52-nsyXNAC0uwhhxG6IQrVK11rSgVThJo12rApHA==
x-proxy-cache
HIT
vid618f1f0ead4ec069889579_thumb.jpg
video.primis.tech/uploads/cn25/video/users/converted/24485/video_5d0f5c369fc2e913293596/ Frame 8D5C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn25/video/users/converted/24485/video_5d0f5c369fc2e913293596/vid618f1f0ead4ec069889579_thumb.jpg?cbuster=1636769560
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
7c2d8f0cc351c3db28e3e112332ae175ca55c326a18e9db8ee2608186489705a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
via
1.1 c4005d49d3278d7f5583e8e506f5ced0.cloudfront.net (CloudFront)
last-modified
Sat, 13 Nov 2021 02:14:00 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"8c90719f601ac34a20ed69d9273e8e72"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 15 Feb 2022 03:54:09 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2084
x-amz-cf-id
os7bmld6IQb1APcjv5hOorDnABePHuoERiJscTz8ejLZZ58k2bBsvQ==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0MmY4NmY0OSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4ODUmJaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXNiozywnGy0pl5wo20zp3VvSWQ9p29hnWNbnXRmLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmIlRDMjMmE1RwMjMmU3RDqCNmMmMTM2MmpmOTMkMmAmNmM0N0Q3QwQmMmUmNmqEN0I1MmYmMmImOTp1NwE1NmRFNxY2MTU4NTI3QTRDNxQ0RTp2NwI1MTNEM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmNDMjN0Q3QwU5MmQmNDMjN0Q3QwY2MmE3RDqCNEMmMTMkMmpmNmM1N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTE4NS4lMTMhMTU1LwE2MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nl4jLwQ2OTIhNmEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkZwuuZWUkMmQ5NDAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0MmY4NmY0OTU2NvZ1nWQ9U2VenW5xo1NQoGF5ZXI2MWY4YWVyMTYjNTQ4JaB1YyVloD1bqHRjplUmQSUlRvUlRaNiozywnGy0pl5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 20B4 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.100.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-100-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 20B4
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=93&advUuid=114f25cb-5954-4e09-84eb-98c215022735
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=93&advUuid=114f25cb-5954-4e09-84eb-98c215022735
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=93&advUuid=114f25cb-5954-4e09-84eb-98c215022735
date
Tue, 01 Feb 2022 03:54:09 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 20B4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=99&advUuid=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=99&advUuid=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=99&advUuid=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Tue, 01 Feb 2022 03:54:09 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 20B4
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D2364040295132...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2364040295132926877994
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2364040295132926877994
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Server
52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-42.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2364040295132926877994
cache-control
no-store
content-type
text/html; charset=utf-8
sync.php
pixel.rubiconproject.com/exchange/ Frame 20B4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
750589468d5634b7e99830971becaf64
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 20B4
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=105&advUuid=5931503064749152372
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=105&advUuid=5931503064749152372
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:09 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5707a123-3445-41c9-8914-388160331911
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61f8aee134940&pixel=&advId=105&advUuid=5931503064749152372
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid61eb6c2d275b6651968228.jpg
video.primis.tech/uploads/cn19/video/users/converted/28530/video_5f5879b7d1d11852312889/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/28530/video_5f5879b7d1d11852312889/vid61eb6c2d275b6651968228.jpg?cbuster=1642818610
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
b51cb0cd905a52c2e123bb6cfe99a60eabcebf88dbc26594e435c5d53f6a8af1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Sat, 22 Jan 2022 02:30:47 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"fd9fa68a79e93556c640daebe12e16c8"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 15 Feb 2022 03:54:09 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
23006
x-amz-cf-id
UOahVPdb1c578EzfiBvqHmfSAa_Tmm5TOL8JLkTfjzeW8XldQSMIDg==
x-proxy-cache
HIT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=293997418&t=pageview&_s=1&dl=https%3A%2F%2Fsonichits.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=SonicHits%20%7C%20Lyrics%2C%20Song%20Meanings%2C%20Music%20Videos%2C%20Full%20Albums%20%26%20Artist%20Biographies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUAjAAAAAC~&jid=2006614130&gjid=617625756&cid=1060605773.1643687649&tid=UA-48241384-2&_gid=462759324.1643687649&_r=1&_slc=1&z=1980292892
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8D5C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:59:49 GMT
x-content-type-options
nosniff
age
550460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 18:59:49 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-48241384-2&cid=1060605773.1643687649&jid=2006614130&gjid=617625756&_gid=462759324.1643687649&_u=aGDAAUAjAAAAAC~&z=163143350
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 01 Feb 2022 03:54:09 GMT
content-type
text/plain
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 20B4 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop
FRA56-P3
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Tue, 01 Feb 2022 03:54:11 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-id
XOIonTPac7HT5c04LEkFaXFhK8f2M6_1-0b1DZrjU8jlRANAvR-y9Q==
hqdefault.jpg
img.youtube.com/vi/LjhCEhWiKXk/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/LjhCEhWiKXk/hqdefault.jpg
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e3e43a69b0b23abe6903d48246d901a0333dc65f4d0a3092d16fb43a0ca9703
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:02:39 GMT
x-content-type-options
nosniff
age
3090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20005
x-xss-protection
0
server
sffe
etag
"1393796895"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Feb 2022 05:02:39 GMT
hqdefault.jpg
img.youtube.com/vi/PexGMPD1fGI/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/PexGMPD1fGI/hqdefault.jpg
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
067b91dd9e8491f48d0206f420632fed4632c201b7ecc544452db3f6839ec83b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 02:35:31 GMT
x-content-type-options
nosniff
age
4718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11679
x-xss-protection
0
server
sffe
etag
"1371627328"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Feb 2022 04:35:31 GMT
hqdefault.jpg
img.youtube.com/vi/Ndb6PscYX2U/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/Ndb6PscYX2U/hqdefault.jpg
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3a5e95f67f4eb3c4169ce4d9c9d5af3f65fbb8c078109552c566df80823bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15587
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Feb 2022 05:54:09 GMT
hqdefault.jpg
img.youtube.com/vi/TUj0otkJEBo/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/TUj0otkJEBo/hqdefault.jpg
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8391de0f0cad42cb92cac80ddcb8626067930506679f2cc3655240e3912ca37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:51:09 GMT
x-content-type-options
nosniff
age
180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18189
x-xss-protection
0
server
sffe
etag
"1407323597"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Feb 2022 05:51:09 GMT
hqdefault.jpg
img.youtube.com/vi/VViKkbpiA9I/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/VViKkbpiA9I/hqdefault.jpg
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c44ce254de13f32686a947f940aaca6f4dd5dcc249299e317d691f481728353a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13549
x-xss-protection
0
server
sffe
etag
"1564009815"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Feb 2022 05:54:09 GMT
6a520a662b0d30646781d03ade00625a.webp
lastfm.freetls.fastly.net/i/u/300x300/
Redirect Chain
  • https://sonichits.com/artist_image/RG9qYSBDYXQ=/ZGIzMzZlZjNhYTg0NmJkZTYyZDdkNTkwZjM1NmQ2YTA=/extralarge
  • https://lastfm.freetls.fastly.net/i/u/300x300/6a520a662b0d30646781d03ade00625a.webp
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lastfm.freetls.fastly.net/i/u/300x300/6a520a662b0d30646781d03ade00625a.webp
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Server
2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty/1.7.7.2 /
Resource Hash
208d803b1e84d2b1017f3740070270801590cebe44a04e381812203fc9379bd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 varnish
age
609523
x-cache
HIT
content-length
17420
x-served-by
cache-hhn4044-HHN
server
openresty/1.7.7.2
x-timer
S1643687650.180347,VS0,VE0
etag
"94b6e4740f81ec76f544324ec095e4d180220bc7"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=311040000; public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1

Redirect headers

pragma
cache
date
Tue, 01 Feb 2022 03:54:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FISy%2BTO%2FaeA40W0AFGgYd4aGnMmWhdgoDrOxQWMvq61qxGcEIOd%2BMs7F1eAYLs8p%2F6Khm69GQqsBE5QYT6c8cMsR%2FNnrb0NHlKe%2BpRW37XEkDS6NvtiU9Lkfy6n%2F%2BVd1iUiwVvVsg7s7NpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://lastfm.freetls.fastly.net/i/u/300x300/6a520a662b0d30646781d03ade00625a.webp
cache-control
public, max-age=1209600
cf-ray
6d683ca2dbb59214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 15 Feb 2022 03:54:10 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sonichits.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 01 Feb 2022 03:54:09 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://sonichits.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
translator
hbopenbid.pubmatic.com/ Frame 20B4 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 Philadelphia, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 20B4 		67 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1643687649802&pKey=1479735721&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fsonichits.com%2F&playerSize=606x341&schain=1.0%2C1!bandsintown.com%2C1893%2C1%2C%2C%2C!primis.tech%2C20535%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://sonichits.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1643687649381050-593
Expires
Tue, 01 Feb 2022 03:54:10 GMT
cygnus
htlb.casalemedia.com/ Frame 20B4 		36 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2259f1fbe23ac02e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsonichits.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2260484c38fb9318%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22dfp_ad_unit_code%22%3A%22%2F108853%22%2C%22sid%22%3A%22606x341%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B606%2C341%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A606%2C%22h%22%3A341%7D%2C%22bidfloor%22%3A2.6%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22bandsintown.com%22%2C%22sid%22%3A%221893%22%2C%22hp%22%3A1%7D%2C%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2220535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9362d229102d521679ee89cd31fa75bb6c2dde24d66c050262f5fc2c14e3d15e

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.163], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://sonichits.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 01 Feb 2022 03:54:09 GMT
v1
prg.smartadserver.com/prebid/ Frame 20B4 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://sonichits.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
openrtb
adx.adform.net/adx/ Frame 20B4 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-48241384-2&cid=1060605773.1643687649&jid=2006614130&_u=aGDAAUAjAAAAAC~&z=1181388757
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-48241384-2&cid=1060605773.1643687649&jid=2006614130&_u=aGDAAUAjAAAAAC~&z=1181388757
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9E90 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50071022&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61f8aee134940%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:08 GMT
content-length
0
/
track.adform.net/adfscript/ Frame 0999 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=49825729;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.055721-zlE_H8cYZA_I4ZkaX4ME2KHoaHGPnIfP0;rtbr=5168442275194918913_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fsonichits.com%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=KOxY41NIkNlomp5GGAndOPMZAIDXExHvyUKOq5kIlKyd8D-z15plohpfsBESq1xGuqk7ELp8gbUL0UPvjGbRNDZ7gjLd0z6313zn-Dxf3LGg0R25zdmY8B1y2YUQ31okvvboOZ-j9oAJ5qBnS7G0RUvOK6dv0wsoYJgtcTbkkg5VvUeGEyAG0hUCzFW9muloaEWw94jnZC56l5ZoyNiS8kHhIpkoas3H0;rtbtest=0
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
20d0e07d01f4bd7a60486200c8b0882aac55bb48326117ae23a0ce91bc061a91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
966
expires
-1
trk.js
cdn.adnxs.com/v/s/222/ Frame 0999 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/222/trk.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:09 GMT
Content-Encoding
gzip
Age
4209144
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29209
X-Served-By
cache-lga21964-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Tue, 14 Dec 2021 10:40:55 GMT
Server
AkamaiNetStorage
X-Timer
S1643687650.983331,VS0,VE0
ETag
"27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1362351, 3807753
it
fra1-ib.adnxs.com/ Frame 0999 		0
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fsonichits.com%252F&e=wqT_3QK9BMg9AgAAAwDWAAUBCOHd4o8GEIGw6_jZ2__cRxgAKjYJKHB87n2HrD8RulkwJcvSpj8ZAAABAgwMQCG6DRIEKSgNJNAxAAAAQDMzwz8wh6-TCjixSUD2CEhbULfKgZYBWNafbmAAaILwrgF4-cgEgAEBigEDVVNEkgUG9A4BmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTUdQNFJjUXJRbz3YAt3EAeACjKVI6gIWaHR0cHM6Ly9zb25pY2hpdHMuY29tL4ADAIgDAZADAJgDF6ADAaoDJxoVNTE2ODQ0MjI3NTE5NDkxODkxM18xKgQ1MDY5Ogg0OTgyNTcyOcADrALIAwDYA5e_VeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjOoBACyBA8IABABGMACIGQoADAAOAK4BADABADIBADaBAIIAeAEAfAEt8qBlgGIBQGYBQCgBaavw4Syid-hd8AFAMkFACFhGADwP9IFCQkFC3wAAADYBQHgBQHwBam7QPoFBAgAEACQBgCYBgC4BgDBBgEhATEk0Aau8gHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB_nIBNIHDRV3ATgI2gcGCSdE4AcA6gcCCADwB-z7A4oIAhAA&s=f2a5f00dd7c7f715598b80e1135fe39dc5f5e4ce
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:09 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
aa1afc63-12b4-4985-a928-01ded839aca5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame FA04 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=49927110;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.055721-zlE_H8cYZA_I4ZkaX4ME2KHoaHGPnIfP0;rtbr=2046596850595093403_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fsonichits.com%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=KOxY41NIkNlomp5GGAndOPMZAIDXExHv2PnDwKHIW5d1JvPKi12gbSU7WZephFqiuqk7ELp8gbUL0UPvjGbRNDZ7gjLd0z6313zn-Dxf3LGg0R25zdmY8B1y2YUQ31okvvboOZ-j9oAJ5qBnS7G0RUvOK6dv0wsoYJgtcTbkkg5VvUeGEyAG0hUCzFW9muloaEWw94jnZC56l5ZoyNiS8kHhIpkoas3H0;rtbtest=0
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
069fa425bdbf13039ef386d38f28669f14a4ce2ab4c80fb343b68616c8dd63e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
968
expires
-1
trk.js
cdn.adnxs.com/v/s/222/ Frame FA04 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/222/trk.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:10 GMT
Content-Encoding
gzip
Age
4209144
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29209
X-Served-By
cache-lga21964-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Tue, 14 Dec 2021 10:40:55 GMT
Server
AkamaiNetStorage
X-Timer
S1643687650.000661,VS0,VE0
ETag
"27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1362351, 3807754
it
fra1-ib.adnxs.com/ Frame FA04 		0
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fsonichits.com%252F&e=wqT_3QK-BMg-AgAAAwDWAAUBCOHd4o8GEJu3nbHgn76zHBgAKjYJKHB87n2HrD8RulkwJcvSpj8ZAAABAgwMQCG6DRIEKSgNJNAxAAAAQDMzwz8wh6-TCjixSUD2CEhbUKbzsJYBWNafbmAAaILwrgF4-cgEgAEBigEDVVNEkgUG9A4BmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTWFuNXhjUXJRbz3YAt3EAeACjKVI6gIWaHR0cHM6Ly9zb25pY2hpdHMuY29tL4ADAIgDAZADAJgDF6ADAaoDJxoVMjA0NjU5Njg1MDU5NTA5MzQwM18xKgQ1MDY5Ogg0OTkyNzExMMADrALIAwDYA5e_VeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKbzsJYBiAUBmAUAoAWmr8OEsonfoXfABQDJBSFhHAAA8D_SBQkJCQx4AADYBQHgBQHwBcvhQPoFBAgAEACQBgCYBgC4BgDBBgklLPA_0Aau8gHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB_nIBNIHDRV3ATgI2gcGCSdE4AcA6gcCCADwB-z7A4oIAhAA&s=61ac86f034eb07c31e6223544ba83e0460de5ae6
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
de035194-0952-4bf7-b33c-9be04a5b169e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
protected-by.clarium.io/ Frame 0999 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L3lpZWxkbmV4dXM6MzAweDI1MA==&v=5&s=v31fqpmm8kv&id=eyJwcmViaWQiOnsiYWRJZCI6IjQ1MWZmMjEyZGY0MzZmZiIsImNwbSI6MC4wMTc4MzA4LCJzIjoiZGl2LWluc3RpY2F0b3ItYWQtMSIsInNyYyI6ImNsaWVudCJ9LCJ0cF9jcmlkIjoiUEI6eWllbGRuZXh1czszMTQ1OTg3MTEifQ%3D%3D&sb=undefined&cb=8856851&h=sonichits.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwzbHBaV3hrYm1WNGRYTTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJ5aWVsZG5leHVzIl0sImhiX3NpemUiOlsiMzAweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.251.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-251-199.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
protected-by.clarium.io/ Frame FA04 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L3lpZWxkbmV4dXM6MzAweDI1MA==&v=5&s=v31fqpmm8md&id=eyJwcmViaWQiOnsiYWRJZCI6IjQ2YzRlNzQ1NDQzMWMwZiIsImNwbSI6MC4wMTc4MzA4LCJzIjoiZGl2LWluc3RpY2F0b3ItYWQtMiIsInNyYyI6ImNsaWVudCJ9LCJ0cF9jcmlkIjoiUEI6eWllbGRuZXh1czszMTUzNzM5OTAifQ%3D%3D&sb=undefined&cb=1172617&h=sonichits.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwzbHBaV3hrYm1WNGRYTTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJ5aWVsZG5leHVzIl0sImhiX3NpemUiOlsiMzAweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.251.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-251-199.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
product.instiengage.com/ceu-code/ Frame 2E08 		358 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:f600:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48384aef5e51c4ebf280ea528ab1990cf84396162d73dc706046b7b0387517bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
.s_5HxMgTnVeNkVcCdQU5cie33SNQVGX
content-encoding
br
last-modified
Thu, 06 Jan 2022 14:13:13 GMT
server
AmazonS3
age
2765
etag
W/"b808fd666c0a8e795be798b81ff9ce83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Tue, 01 Feb 2022 03:09:34 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
bBwCDo2nhin69ISeiYUuLj6YGITnQpFxS-Y1DVK0PyXHphKbEaC6mA==
csync
sync.console.adtarget.com.tr/ Frame 83AF 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Tue, 01 Feb 2022 03:54:09 GMT
Content-Length
0
Etag
aee4bd121621c541
csync
sync.console.adtarget.com.tr/ Frame 70AF 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Tue, 01 Feb 2022 03:54:09 GMT
Content-Length
0
Etag
aee4bd121621c541
csync
sync.console.adtarget.com.tr/ Frame FDD9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=G5dNE2nHJFkQJyrEvGuU&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=G5dNE2nHJFkQJyrEvGuU&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Tue, 01 Feb 2022 03:54:09 GMT
Content-Length
0
Etag
aee4bd121621c541

Redirect headers

date
Tue, 01 Feb 2022 03:54:10 GMT Tue, 01 Feb 2022 03:54:10 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=G5dNE2nHJFkQJyrEvGuU&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 3447 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
87c1a1544e82e3cbd5669f3779c532bbc3294e582807d52aa9bb0463d9dbf36b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Tue, 01 Feb 2022 03:54:10 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Tue, 01 Feb 2022 03:54:10 GMT
x-sid
AMS-731
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5C6C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=155903
expires
Wed, 02 Feb 2022 23:12:33 GMT
date
Tue, 01 Feb 2022 03:54:10 GMT
vary
Accept-Encoding
cookie
cm.adform.net/ Frame A7AD 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Tue, 01 Feb 2022 03:54:10 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame CA3C 		251 B
657 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.1.242 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-463.bunnyinfra.net
Software
BunnyCDN-IL1-463 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-IL1-463
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-storageserver
DE-51
cdn-fileserver
141
cdn-proxyver
1.0
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-cachedat
10/26/2021 01:32:42
cdn-edgestorageid
463
cdn-status
200
cdn-requestid
6befd0a6b126c5b194993d056dcd69ed
cdn-cache
HIT
content-encoding
gzip
pbsync.html
js.adscale.de/ Frame B26C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:1c00:f:4f64:8940:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
date
Tue, 01 Feb 2022 02:57:47 GMT
last-modified
Tue, 01 Feb 2022 02:57:44 GMT
etag
W/"5550fca00caf055568d6ced373f2721f"
cache-control
max-age=7200
x-amz-version-id
F5DvghsIzbNBPhJ7FiT3ps4mk0DJclz5
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
Se-E_nlwYOtozKVcUfE_Cq_rflevpnC1wFMhF0wbKb4z21MH4muAIQ==
age
3384
csync
sync.console.adtarget.com.tr/ Frame 74E6 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Tue, 01 Feb 2022 03:54:09 GMT
Content-Length
0
Etag
aee4bd121621c541
csync
sync.console.adtarget.com.tr/ Frame 7388 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Tue, 01 Feb 2022 03:54:09 GMT
Content-Length
0
Etag
aee4bd121621c541
csync
sync.console.adtarget.com.tr/ Frame F55A 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:09 GMT
Server
VertaMedia 1.0
Etag
aee4bd121621c541
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame F55A 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:09 GMT
Server
VertaMedia 1.0
Etag
aee4bd121621c541
Content-Length
43
Content-Type
image/gif
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 0999 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3155cd449a2085846e620747cc4f30dbf639cfcf5f4211e1c7224043e8806d45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 13:59:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 02 Feb 2022 07:10:09 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame FA04 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3155cd449a2085846e620747cc4f30dbf639cfcf5f4211e1c7224043e8806d45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 13:59:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 02 Feb 2022 07:10:09 GMT
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_embed-loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sonichits.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://sonichits.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_embed-in-view
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sonichits.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://sonichits.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
css
fonts.googleapis.com/ Frame 2E08 		4 KB
508 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
468bd6764eff264452e2cd22f06d3ccb569941caceff828cd1bc0374a4774eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 02:11:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 01 Feb 2022 03:54:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Feb 2022 03:54:10 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame 2E08 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
593373
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6GF4SHJ58K469W2X
x-amz-id-2
e4gsRgYLPWjgHDRt+ia1l8tfab/V3Od/yzSPhdaaszjPnxRyt+mkVV0buXMWXukKyIDlSlEJVvU=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sg2kPVi6eUbonG9cQ1%2BTl2mpSLzofkwxQFNLa6Rhc%2FPhKAIhUpAcJPDMbZd6qCBEBnQeIBh8LZOexrg%2Fw12yOBIo4rvBHG5CGwB5foAnixrQkGpAmxEStQVkJE0ejMWbVFzCk2JW9P6lvewhBOejZK8q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6d683ca599c96997-FRA
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=293997418&t=pageview&_s=1&dl=https%3A%2F%2Fsonichits.com%2F&dp=%2Ffbda09f1-2c7e-4d13-b979-9446a67e7d25&ul=en-us&de=UTF-8&dt=SonicHits%20%7C%20Lyrics%2C%20Song%20Meanings%2C%20Music%20Videos%2C%20Full%20Albums%20%26%20Artist%20Biographies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUAjAAAAAC~&jid=659178996&gjid=721651204&cid=1060605773.1643687649&tid=UA-123718506-11&_gid=462759324.1643687649&_r=1&_slc=1&z=1986595810
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.instiengage.com/json/ Frame 2E08 		243 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
69fa96ddf7d8a75e81ee6d9620e3dcee3fc235557811f6f0b38344a064621d43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:10 GMT
access-control-allow-credentials
true
x-database-date
Mon, 31 Jan 2022 22:25:44 GMT
content-length
243
vary
Origin
content-type
application/json
event
event.instiengage.com/v1/ Frame 2E08 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_embed-loaded
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:10 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 2E08 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_embed-in-view
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:10 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 2E08 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:c200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
201
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 01 Feb 2022 03:51:10 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
2129
x-amz-cf-id
ojir3n5wYUiWDn4rOVza8ysJ9IvjBh91Frc126CO2dTgKTdh_MWyFA==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame 2E08 		649 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:c200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
171
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 01 Feb 2022 03:51:41 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
649
x-amz-cf-id
vRr9Yaw37RKF1PKrrWNVawA_iu2_v-cCU-ndPX_PjJY91LCayg5vsw==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 2E08 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:c200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
age
172
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 01 Feb 2022 03:51:41 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
4833
x-amz-cf-id
YPghcZiuqcXq3nwGY-066ZbJSpz9qKTwcir2dXn2NZgcU640_vn-hQ==
um
u-ams02.e-planning.net/ Frame 3447
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4250c6da5369e790
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4250c6da5369e790
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4250c6da5369e790
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4250c6da5369e790
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 3447 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4250c6da5369e790%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
7dprekpjglfkau4bfh43jef65pg4t3kl
ptag
a.audrte.com/ Frame 3447 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-197.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
136ddf394493465215aa32a08a1725c1ec56e73808070bf34d275a2ea5276c30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:10 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 3447 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 31 Jan 2027 03:54:09 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 3447
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4250c6da5369e790
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Tue, 01 Feb 2022 03:54:10 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 3447
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4250c6da5369e790%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4250c6da5369e790&uid=5931503064749152372
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4250c6da5369e790&uid=5931503064749152372
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2b85b899-5177-4928-b295-8b298148cdad
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4250c6da5369e790&uid=5931503064749152372
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 420C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Feb 2022 03:54:10 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Tue, 01 Feb 2022 03:54:10 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0290 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4250c6da5369e790%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=155903
expires
Wed, 02 Feb 2022 23:12:33 GMT
date
Tue, 01 Feb 2022 03:54:10 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 3BBA 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
47a0a1b737e77a4a0f73e5e30ee6bcc73a09c2f532704d88d36bdc3d0dbda5ba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|81|152|221|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 01 Feb 2022 03:54:10 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Content-Length
1651
Connection
keep-alive
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame E418 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
H
cf4age
0
x-cf-tsc
1641922229
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fC.fra2:co:1585621119:cacheN.fra2-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame CBF9 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 6F71 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820bca33b119d8646f06dcc9b754e52651aebf53f72bc98b2c700b1e36d8d77f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683ca5dd859142-FRA
content-encoding
br
/
track.adform.net/adfserve/ Frame FA04 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=49927110;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.055721-zlE_H8cYZA_I4ZkaX4ME2KHoaHGPnIfP0;rtbr=2046596850595093403_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fsonichits.com%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=KOxY41NIkNlomp5GGAndOPMZAIDXExHv2PnDwKHIW5d1JvPKi12gbSU7WZephFqiuqk7ELp8gbUL0UPvjGbRNDZ7gjLd0z6313zn-Dxf3LGg0R25zdmY8B1y2YUQ31okvvboOZ-j9oAJ5qBnS7G0RUvOK6dv0wsoYJgtcTbkkg5VvUeGEyAG0hUCzFW9muloaEWw94jnZC56l5ZoyNiS8kHhIpkoas3H0;rtbtest=0;js=1;adfxid=1x;123;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fsonichits.com%2F
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
714aca0164a2204fd1ff38fced9863ee7117db122be51cf725b277d90e66f452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2323
expires
-1
/
track.adform.net/adfserve/ Frame 0999 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=49825729;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.055721-zlE_H8cYZA_I4ZkaX4ME2KHoaHGPnIfP0;rtbr=5168442275194918913_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fsonichits.com%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=KOxY41NIkNlomp5GGAndOPMZAIDXExHvyUKOq5kIlKyd8D-z15plohpfsBESq1xGuqk7ELp8gbUL0UPvjGbRNDZ7gjLd0z6313zn-Dxf3LGg0R25zdmY8B1y2YUQ31okvvboOZ-j9oAJ5qBnS7G0RUvOK6dv0wsoYJgtcTbkkg5VvUeGEyAG0hUCzFW9muloaEWw94jnZC56l5ZoyNiS8kHhIpkoas3H0;rtbtest=0;js=1;adfxid=2x;1282;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fsonichits.com%2F
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4c2d4526697d52f6d28409419eeb39b3b9051dd5103fd86ebf73852aff365ffb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2322
expires
-1
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123718506-11&cid=1060605773.1643687649&jid=659178996&gjid=721651204&_gid=462759324.1643687649&_u=aGDAAUAjAAAAAC~&z=1320914821
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 01 Feb 2022 03:54:10 GMT
content-type
text/plain
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
uu
ih.adscale.de/ Frame B26C
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1643687650
  • https://ih.adscale.de/uu?cbfn=receive&t=1643687650&nut&uu=cf6937bf63e847439fbb39898d3c870c
44 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1643687650&nut&uu=cf6937bf63e847439fbb39898d3c870c
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1f24961257ca243c8c2ce1ff5825867d8d74981e0e24356e5503cf101fae6505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1643687650&nut&uu=cf6937bf63e847439fbb39898d3c870c
date
Tue, 01 Feb 2022 03:54:10 GMT
content-length
0
event
event.insticator.com/v1/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:10 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://sonichits.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://sonichits.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=1060605773.1643687649&jid=659178996&_u=aGDAAUAjAAAAAC~&z=2037336889
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=1060605773.1643687649&jid=659178996&_u=aGDAAUAjAAAAAC~&z=2037336889
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rd_log
fra1-ib.adnxs.com/ Frame FA04 		0
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fsonichits.com%2F&e=wqT_3QLSBshSAwAAAwDWAAUBCOHd4o8GEIGw6_jZ2__cRxgAKjYJKHB87n2HrD8RulkwJcvSpj8ZAAABAgwMQCG6DRIEKSgNJNAxAAAAQDMzwz8wh6-TCjixSUD2CEhbULfKgZYBWNafbmAAaILwrgF4-cgEgAEBigEDVVNEkgUG9CQCmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTUdQNFJjUXJRbz3YAt3EAeACjKVI6gIWaHR0cHM6Ly9zb25pY2hpdHMuY29tL_ICLAoHRU5DX0NQTRIhemxFX0g4Y1laQV9JNFprYVg0TUUyS0hvYUhHUG5JZlAw8gLyAQoMRU5DX1JUQl9EQVRBEuEBS094WTQxTklrTmxvbXA1R0dBbmRPUE1aQUlEWEV4SHZ5VUtPcTVrSWxLeWQ4RC16MTVwbG9ocGZzQkVTcTF4R3VxazdFTHA4Z2JVTDBVUHZqR2JSTkRaN2dqTGQwejYzMTN6bi1EeGYzTEdnMFIyNXpkbVk4QjF5MllVUTMxb2t2dmJvT1otajlvQUo1cUJuUzdHMFJVdk9LNmR2MHdzb1lKZ3RjVGJra2c1VnZVZUdFeUFHMGhVQ3pGVzltdWxvYUVXdzk0am5aQzU2bDVab3lOaVM4a0hoSXBrb2FzM0gw8gIGCgRBRElE8gILCglDT09LSUVfSUSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOXv1XgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTYzqAQAsgQPCAAQARjAAiBkKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLfKgZYBiAUBmAUAoAWmr8OEsonfoXfABQDJBQAAQXcU8D_SBQkJAQoBAXDYBQHgBQHwBam7QPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq7yAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUgYACAAMAA4ugZAAMgH-cgE0gcNFXcBOAjaBwYJJ0TgBwDqBwIIAPAH7PsDiggCEAA.&s=9a4b2ebc736141c2010f8a7cf603dab72120f0a9&bdref=https%3A%2F%2Fsonichits.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fsonichits.com%2F,https%3A%2F%2Fsonichits.com%2F&
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
db67a905-5848-4d1b-bdbe-04a22ccbcde0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rd_log
fra1-ib.adnxs.com/ Frame 0999 		0
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fsonichits.com%2F&e=wqT_3QLSBshSAwAAAwDWAAUBCOHd4o8GEIGw6_jZ2__cRxgAKjYJKHB87n2HrD8RulkwJcvSpj8ZAAABAgwMQCG6DRIEKSgNJNAxAAAAQDMzwz8wh6-TCjixSUD2CEhbULfKgZYBWNafbmAAaILwrgF4-cgEgAEBigEDVVNEkgUG9CQCmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTUdQNFJjUXJRbz3YAt3EAeACjKVI6gIWaHR0cHM6Ly9zb25pY2hpdHMuY29tL_ICLAoHRU5DX0NQTRIhemxFX0g4Y1laQV9JNFprYVg0TUUyS0hvYUhHUG5JZlAw8gLyAQoMRU5DX1JUQl9EQVRBEuEBS094WTQxTklrTmxvbXA1R0dBbmRPUE1aQUlEWEV4SHZ5VUtPcTVrSWxLeWQ4RC16MTVwbG9ocGZzQkVTcTF4R3VxazdFTHA4Z2JVTDBVUHZqR2JSTkRaN2dqTGQwejYzMTN6bi1EeGYzTEdnMFIyNXpkbVk4QjF5MllVUTMxb2t2dmJvT1otajlvQUo1cUJuUzdHMFJVdk9LNmR2MHdzb1lKZ3RjVGJra2c1VnZVZUdFeUFHMGhVQ3pGVzltdWxvYUVXdzk0am5aQzU2bDVab3lOaVM4a0hoSXBrb2FzM0gw8gIGCgRBRElE8gILCglDT09LSUVfSUSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOXv1XgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTYzqAQAsgQPCAAQARjAAiBkKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLfKgZYBiAUBmAUAoAWmr8OEsonfoXfABQDJBQAAQXcU8D_SBQkJAQoBAXDYBQHgBQHwBam7QPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq7yAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUgYACAAMAA4ugZAAMgH-cgE0gcNFXcBOAjaBwYJJ0TgBwDqBwIIAPAH7PsDiggCEAA.&s=9a4b2ebc736141c2010f8a7cf603dab72120f0a9&bdref=https%3A%2F%2Fsonichits.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fsonichits.com%2F,https%3A%2F%2Fsonichits.com%2F&
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7ca89d0b-ebc1-44a6-93dd-6015cb27c3d0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usertracking
b2c.instiengage.com/v3/pages/ Frame 68BC 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.instiengage.com/v3/pages/usertracking
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.5.236 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-5-236.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
6312dced-b869-4aa5-9ca4-e5b46b713223
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
usync.js
eus.rubiconproject.com/ Frame 420C 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45030
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Tue, 01 Feb 2022 16:24:40 GMT
vevent
fra1-ib.adnxs.com/ Frame FA04 		0
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fsonichits.com%2F&e=wqT_3QK-BMg-AgAAAwDWAAUBCOHd4o8GEJu3nbHgn76zHBgAKjYJKHB87n2HrD8RulkwJcvSpj8ZAAABAgwMQCG6DRIEKSgNJNAxAAAAQDMzwz8wh6-TCjixSUD2CEhbUKbzsJYBWNafbmAAaILwrgF4-cgEgAEBigEDVVNEkgUG9A4BmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTWFuNXhjUXJRbz3YAt3EAeACjKVI6gIWaHR0cHM6Ly9zb25pY2hpdHMuY29tL4ADAIgDAZADAJgDF6ADAaoDJxoVMjA0NjU5Njg1MDU5NTA5MzQwM18xKgQ1MDY5Ogg0OTkyNzExMMADrALIAwDYA5e_VeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKbzsJYBiAUBmAUAoAWmr8OEsonfoXfABQDJBSFhHAAA8D_SBQkJCQx4AADYBQHgBQHwBcvhQPoFBAgAEACQBgCYBgC4BgDBBgklLPA_0Aau8gHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB_nIBNIHDRV3ATgI2gcGCSdE4AcA6gcCCADwB-z7A4oIAhAA&s=61ac86f034eb07c31e6223544ba83e0460de5ae6&type=nv&nvt=5&jm=1003&px=1194&py=859&bw=300&bh=250&sid=2435096161451198305&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21288839&sw=1600&sh=1200&pw=1600&ph=9002&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
eee27b67-07b1-43da-b168-df993a16b74a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sonichits.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 0999 		0
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fsonichits.com%2F&e=wqT_3QK9BMg9AgAAAwDWAAUBCOHd4o8GEIGw6_jZ2__cRxgAKjYJKHB87n2HrD8RulkwJcvSpj8ZAAABAgwMQCG6DRIEKSgNJNAxAAAAQDMzwz8wh6-TCjixSUD2CEhbULfKgZYBWNafbmAAaILwrgF4-cgEgAEBigEDVVNEkgUG9A4BmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTUdQNFJjUXJRbz3YAt3EAeACjKVI6gIWaHR0cHM6Ly9zb25pY2hpdHMuY29tL4ADAIgDAZADAJgDF6ADAaoDJxoVNTE2ODQ0MjI3NTE5NDkxODkxM18xKgQ1MDY5Ogg0OTgyNTcyOcADrALIAwDYA5e_VeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjOoBACyBA8IABABGMACIGQoADAAOAK4BADABADIBADaBAIIAeAEAfAEt8qBlgGIBQGYBQCgBaavw4Syid-hd8AFAMkFACFhGADwP9IFCQkFC3wAAADYBQHgBQHwBam7QPoFBAgAEACQBgCYBgC4BgDBBgEhATEk0Aau8gHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB_nIBNIHDRV3ATgI2gcGCSdE4AcA6gcCCADwB-z7A4oIAhAA&s=f2a5f00dd7c7f715598b80e1135fe39dc5f5e4ce&type=nv&nvt=5&jm=1003&px=1044&py=536&bw=300&bh=250&sid=2435096161451198305&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21288839&sw=1600&sh=1200&pw=1600&ph=9002&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0d74e8fd-213a-4799-aa39-bd1c5825a1cc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sonichits.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 20B4 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsonichits.com&pubid=e9099e80-533f-4980-9c3b-c70c259edd78
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 22:56:26 GMT
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
server
Server
age
17863
x-cache
Hit from cloudfront
access-control-allow-origin
https://sonichits.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
f-ZiI0E-ShrmcAE8J4zTJ_rsPqpcCZoWdaDRcZMhC559CJYef3xdvw==
bid
c.amazon-adsystem.com/e/dtb/ Frame 20B4 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsonichits.com%2F&pid=5plT5Y5wFrjgS&cb=0&ws=1x1&v=7.72.0&t=2000&slots=%5B%7B%22id%22%3A%22dtb_buy_8887%22%2C%22mt%22%3A%22v%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A260%7D%5D&schain=1.0%2C1!bandsintown.com%2C1893%2C1%2C%2C%2C&pubid=e9099e80-533f-4980-9c3b-c70c259edd78&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
EA46BG2D5E87YD5GF585
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://sonichits.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
FAbbBogd8qxy_J0wvoRUQhXHDsL5iYd3tB_L--4SEPIIo6ORD4aHcg==
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame FA04 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
72265c5f43ccec47936ea58e4c6d541c582ff0b504361fb9320204834030beec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 13:59:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 02 Feb 2022 07:10:25 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 0999 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
72265c5f43ccec47936ea58e4c6d541c582ff0b504361fb9320204834030beec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 13:59:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 02 Feb 2022 07:10:25 GMT
userconnect.js
js.adscale.de/ Frame B26C 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:1c00:f:4f64:8940:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 02:57:46 GMT
content-encoding
br
last-modified
Tue, 01 Feb 2022 02:57:44 GMT
server
AmazonS3
age
3385
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
qHqMySwOsWt3o8L8uh3RbqnuCF1S5nOi
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
tm0D53D9M90ghOg7yx1FIfzZPTCcplThDUUxUASbiFLputf2TSAAhQ==
csync
sync.console.adtarget.com.tr/ Frame B26C 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=cf6937bf63e847439fbb39898d3c870c
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
VertaMedia 1.0
Etag
2ad5d3ee01d2c1bc
Content-Length
0
casale
match.adsrvr.org/track/cmf/ Frame 3BBA 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3BBA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yfiu4UXV-pMn0Mb9Zg.AHAAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yfiu4UXV-pMn0Mb9Zg.AHAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRmWx20kgNpQfz64XxslUc&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRmWx20kgNpQfz64XxslUc&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 01 Feb 2022 03:54:10 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRmWx20kgNpQfz64XxslUc&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3BBA 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3BBA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RVHM3MXQKDV6SZY1Z2E6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MTQYYJZP95CVEB31RHCA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3BBA
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=0ag9nYb8PpfKr2jG0KF2lNaob8HKoW-VhvtgH2wY
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=0ag9nYb8PpfKr2jG0KF2lNaob8HKoW-VhvtgH2wY
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 01 Feb 2022 03:54:10 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=0ag9nYb8PpfKr2jG0KF2lNaob8HKoW-VhvtgH2wY
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3BBA
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d50cac91-9524-4e91-bf6f-d6e31084eb0d
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d50cac91-9524-4e91-bf6f-d6e31084eb0d
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 01 Feb 2022 03:54:10 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d50cac91-9524-4e91-bf6f-d6e31084eb0d
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
tpid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 3BBA
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116?gdpr_consent=&us_privacy=&gdpr=1
49 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.23
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.11.23
content-length
0
expires
0
rum
dsum.casalemedia.com/ Frame 3BBA
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643774050&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643774050&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 01 Feb 2022 03:54:10 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643774050&gdpr=1
pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
um
u-ams02.e-planning.net/ Frame 3BBA 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=4250c6da5369e790&uid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4250c6da5369e790%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
server
openresty
content-type
image/gif
userconnect
ih.adscale.de/ Frame B26C 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1643687650350&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame DE85 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
61d0263353c00ba2b8364f60f9a8276afbb7fbab8781298097fd2325527c8517

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
/
track.adform.net/csimpr/ Frame FA04 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=49927110&csi=7Ccv04sEQAEukzbv9Av5Eq1YEkPhaxm8OrrRG3mGXmXrygPkIxxfkzJUzyO5NknJTEtBeMRL9jPGi-tSiLIGZ2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
48438582.png
s1.adform.net/Banners/48438582/ Frame FA04 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/48438582/48438582.png?bv=1
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5032d3c1cb70ad1606485c62389e0c68f77ae4c209d0d2e8c99beb0458dcc967
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
last-modified
Mon, 04 Oct 2021 07:54:51 GMT
server
nginx
etag
"615ab34b-5c5c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
23644
vevent
fra1-ib.adnxs.com/ Frame FA04 		0
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fsonichits.com%2F&e=wqT_3QK-BMg-AgAAAwDWAAUBCOHd4o8GEJu3nbHgn76zHBgAKjYJKHB87n2HrD8RulkwJcvSpj8ZAAABAgwMQCG6DRIEKSgNJNAxAAAAQDMzwz8wh6-TCjixSUD2CEhbUKbzsJYBWNafbmAAaILwrgF4-cgEgAEBigEDVVNEkgUG9A4BmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTWFuNXhjUXJRbz3YAt3EAeACjKVI6gIWaHR0cHM6Ly9zb25pY2hpdHMuY29tL4ADAIgDAZADAJgDF6ADAaoDJxoVMjA0NjU5Njg1MDU5NTA5MzQwM18xKgQ1MDY5Ogg0OTkyNzExMMADrALIAwDYA5e_VeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKbzsJYBiAUBmAUAoAWmr8OEsonfoXfABQDJBSFhHAAA8D_SBQkJCQx4AADYBQHgBQHwBcvhQPoFBAgAEACQBgCYBgC4BgDBBgklLPA_0Aau8gHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB_nIBNIHDRV3ATgI2gcGCSdE4AcA6gcCCADwB-z7A4oIAhAA&s=61ac86f034eb07c31e6223544ba83e0460de5ae6&type=nv&nvt=13&jm=1003|1030|1018|1008&px=1194&py=859&bw=300&bh=250&sf=1&sid=2435096161451198305&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21288839&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
293b5344-3296-42d1-b0cf-1e63f171e8d2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sonichits.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
ib.adnxs.com/ Frame 6F71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 6F71 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=927d056e-bc5c-4e48-a65d-6022efd21e83&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=927d056e-bc5c-4e48-a65d-6022efd21e83&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca78fa99142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=927d056e-bc5c-4e48-a65d-6022efd21e83&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 6F71 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D7...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D7...
  • https://mwzeom.zeotap.com/mw?cid=59444c0f-47c1-4b1c-a915-855b519598a7&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=59444c0f-47c1-4b1c-a915-855b519598a7&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca79fc99142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=59444c0f-47c1-4b1c-a915-855b519598a7&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 6F71 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 varnish
server
nginx
x-timer
S1643687650.428897,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4044-HHN
u
dmp.v.fwmrm.net/ad/ Frame 6F71 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:11 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6F71 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea718b20-39c1-4a2a-7a83-c152f9e5b1f3%26reqId%3D72f737b0-4cc0-4f7b-788a-860c392bd23b%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=ff4cd8db-85ee-425b-8b51-cea42665a815&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ff4cd8db-85ee-425b-8b51-cea42665a815&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca7f83f9142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=ff4cd8db-85ee-425b-8b51-cea42665a815&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=23836303013657515233819255571420157573&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=23836303013657515233819255571420157573&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca8085c9142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v027-0e88eeebe.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
nuBHniq4S2E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=23836303013657515233819255571420157573&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 6F71 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022020104-33791-0.856804001643687642-1bd9d0bc50927ffc10136dd79153a05d&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022020104-33791-0.856804001643687642-1bd9d0bc50927ffc10136dd79153a05d&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca79fc39142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022020104-33791-0.856804001643687642-1bd9d0bc50927ffc10136dd79153a05d&zdid=533&env=mWeb
Date
Tue, 01 Feb 2022 03:54:02 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7059584701594794130&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-...
95 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7059584701594794130&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca78fa89142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7059584701594794130&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 6F71
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3
date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=m.soF2yIo/AKTXWp3m4iPe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=m.soF2yIo/AKTXWp3m4iPe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca828789142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
last-modified
Tue, 01 Feb 2022 03:54:10 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=m.soF2yIo/AKTXWp3m4iPe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 6F71 		36 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.106 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=9ba0c5bf769f0eb3a0e9f7415e3b4051&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4c...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=9ba0c5bf769f0eb3a0e9f7415e3b4051&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca7d8229142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=9ba0c5bf769f0eb3a0e9f7415e3b4051&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
cache-control
no-cache
x-server
10.45.25.207
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-IHeykUVE2oqVNEcOoOlI0YHPoJFvDvNCCw--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-IHeykUVE2oqVNEcOoOlI0YHPoJFvDvNCCw--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca8a9569142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Tue, 01 Feb 2022 03:54:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-IHeykUVE2oqVNEcOoOlI0YHPoJFvDvNCCw--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3YelikUR15lVxfBaf4I%2BAYycccVDaLt6%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3YelikUR15lVxfBaf4I%2BAYycccVDaLt6%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca878df9142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3YelikUR15lVxfBaf4I%2BAYycccVDaLt6%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usermatch.gif
beacon.krxd.net/ Frame 6F71 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1643687650
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 6F71 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yfiu4gAC2316UABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yfiu4gAC2316UABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361&_test=Yfiu4gAC2316UABH
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca98abb9142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643687651.785840,VS0,VE0
x-served-by
cache-hhn4078-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yfiu4gAC2316UABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361&_test=Yfiu4gAC2316UABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca8d9db9142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
MT3 4133 baa842e master cdg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Tue, 01 Feb 2022 03:54:09 GMT
usermatch.gif
beacon.krxd.net/ Frame 6F71
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392b...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1643687651
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
date
Tue, 01 Feb 2022 03:54:10 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a004-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6F71
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a8...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a8...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
34T33X4Z72QQGFEWYHMA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q428ZWX3VGB4Q30KKQ6Y
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 6F71 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:10 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 6F71
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea7...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683ca9db0c9142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
date
Tue, 01 Feb 2022 03:54:10 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 6F71 		557 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc29cf9c75a84308daee78ae9fc27d711a583b50184c5931c41311325a4443fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d683ca70f109142-FRA
date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 01 Feb 2022 03:54:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
/
track.adform.net/csimpr/ Frame 0999 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=49825729&csi=0jAz5p-JcYe-918CpvgM4OZEGccB-KX2sQVmR4cg-ujrygPkIxxfk4E6iYjVezF83W4GAO9wuy41bnGldKk-7WQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
48299014.png
s1.adform.net/Banners/48299014/ Frame 0999 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/48299014/48299014.png?bv=1
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d3ab4e4f2a0c477f0adf2ed54beb8f1a80cca30bd9769f732682cea51724d723
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
last-modified
Thu, 30 Sep 2021 09:16:02 GMT
server
nginx
etag
"61558052-8347"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
33607
match.js
js.adscale.de/ Frame DE85 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:1c00:f:4f64:8940:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 02:57:46 GMT
content-encoding
br
last-modified
Tue, 01 Feb 2022 02:57:44 GMT
server
AmazonS3
age
3385
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
DG9mM3VMCPa65VNSEaymJ3Ci_7vNNWBM
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
BKJZHa3N_yIvBrFgs4h7fmlte0vHXZHjR51i9_ktQx57uaJQVobxXQ==
vevent
fra1-ib.adnxs.com/ Frame 0999 		0
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fsonichits.com%2F&e=wqT_3QK9BMg9AgAAAwDWAAUBCOHd4o8GEIGw6_jZ2__cRxgAKjYJKHB87n2HrD8RulkwJcvSpj8ZAAABAgwMQCG6DRIEKSgNJNAxAAAAQDMzwz8wh6-TCjixSUD2CEhbULfKgZYBWNafbmAAaILwrgF4-cgEgAEBigEDVVNEkgUG9A4BmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTUdQNFJjUXJRbz3YAt3EAeACjKVI6gIWaHR0cHM6Ly9zb25pY2hpdHMuY29tL4ADAIgDAZADAJgDF6ADAaoDJxoVNTE2ODQ0MjI3NTE5NDkxODkxM18xKgQ1MDY5Ogg0OTgyNTcyOcADrALIAwDYA5e_VeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjOoBACyBA8IABABGMACIGQoADAAOAK4BADABADIBADaBAIIAeAEAfAEt8qBlgGIBQGYBQCgBaavw4Syid-hd8AFAMkFACFhGADwP9IFCQkFC3wAAADYBQHgBQHwBam7QPoFBAgAEACQBgCYBgC4BgDBBgEhATEk0Aau8gHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB_nIBNIHDRV3ATgI2gcGCSdE4AcA6gcCCADwB-z7A4oIAhAA&s=f2a5f00dd7c7f715598b80e1135fe39dc5f5e4ce&type=nv&nvt=13&jm=1003|1030|1018|1008&px=1044&py=536&bw=300&bh=250&sf=1&sid=2435096161451198305&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21288839&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4bd07bf9-4b05-4454-b37f-03e903af80a6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sonichits.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/ Frame DE85
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=cf6937bf63e847439fbb39898d3c870c&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=101&tpuid=BBID-01-03184016504723237-16514424
49 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=101&tpuid=BBID-01-03184016504723237-16514424
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=101&tpuid=BBID-01-03184016504723237-16514424
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 20B4 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D30315F30357D7B7331363739313037347D7B4335377D7B536332397561574E6F6158527A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583634307D7B593434307D7B66317D7B4C31313737357DFEFE&userIpAddr=185.213.155.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21bandsintown.com%2C1893%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61f8aee134940&debugInfo=16791074_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16791074&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1202lxnotgvj&secondaryContent=&x=640&y=440&pubUrl=https%3A%2F%2Fsonichits.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11775&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=sonichits.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Tue, 01 Feb 2022 03:54:10 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQ5JaNypaZypyRcoWU9MTY0MmY4NmY0OSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4ODUmJaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXNiozywnGy0pl5wo20zp3VvSWQ9p29hnWNbnXRmLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaVmZXJJpEFxZHI9MTt1LwIkMl4kNTUhMTYmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx3LwAhNDY5Mv43MSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwFzOGFyZTEmNDx0MCZ2SW1jT3Bjo3J0qW5cqHyNqWk0nXBfnWVlPTUzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0MmY4NmY1MDQ0MSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MWY4YWVyMTYjNTQ4JaB1YyVloD1bqHRjplUmQSUlRvUlRaNiozywnGy0pl5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame DE85
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=672ffa649af5c5af0ffecd053...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
49 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Tue, 01 Feb 2022 03:54:10 GMT
img
ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/ Frame DE85
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c4863db5484f4b7e75f14a83b95d329f4b5d5314964a5fadba579fba75d9def9&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e2770...
  • https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=42&gdpr=0&tpuid=8070419996045664251
49 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=42&gdpr=0&tpuid=8070419996045664251
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
nginx
location
https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=42&gdpr=0&tpuid=8070419996045664251
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame DE85
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7d6fe8ed-9583-40db-97ed-b81b14839a17&gdpr=0
49 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7d6fe8ed-9583-40db-97ed-b81b14839a17&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:09 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7d6fe8ed-9583-40db-97ed-b81b14839a17&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4850785
content-length
0
expires
Tue, 01 Feb 2022 00:00:00 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame 3447 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:30:05 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
15818
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
LiPkjmtdiB7f-M2HSpEX4iGLN1Q-gI0MbLo68LurTII_DLiR05HW3w==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 8B29 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Tue, 01 Feb 2022 03:54:09 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sun, 31 Jan 2027 03:54:09 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame C74D 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AADDdpHt-SLn32Dk
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Tue, 01 Feb 2022 03:54:10 GMT
Content-Length
0
Etag
fb128a26b79083a1
GS.d
js.cookieless-data.com/ Frame 8B29 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1643687650632
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-82.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame DE85
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=4cb3af95eb0dcff58a999210...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent=
49 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
MT3 4133 baa842e master zrh-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 01 Feb 2022 03:54:09 GMT
369.json
id5-sync.com/g/v2/ 		213 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.200 , France, ASN16276 (OVH, FR),
Reverse DNS
p11.id5-sync.com
Software
/
Resource Hash
99658b1219669a31f914e23a5732619f6c350650a1dec64fb00e058a5fc9dd68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://sonichits.com
Date
Tue, 01 Feb 2022 03:54:10 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		44 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://sonichits.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ 		63 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
669ce35bff6bd7fef207553f8637d144c45742e870e5e01744c57870b63d943a

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://sonichits.com
cache-control
no-cache
x-server
10.45.29.126
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		108 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f72b7dcebfcde682a2555279d9c93980c87fb4dd88ee1a2ce05f23d8df0c58db

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sonichits.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 03 Mar 2022 03:54:10 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 3D62 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 08:49:25 GMT
expires
Mon, 30 Jan 2023 08:49:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
155085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 20B4 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Feb 2022 03:54:10 GMT
cmp
spl.zeotap.com/ Frame 6F71 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683ca98abe9142-FRA
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0220 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 02:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 01 Feb 2022 03:56:34 GMT
bundle.js
cdn.admatic.com.tr/user/ Frame CA3C 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.1.242 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-463.bunnyinfra.net
Software
BunnyCDN-IL1-463 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
br
cdn-edgestorageid
463
cdn-fileserver
122
cdn-storageserver
NY-95
cdn-cachedat
01/04/2022 06:38:30
cdn-pullzone
266102
server
BunnyCDN-IL1-463
last-modified
Fri, 12 Mar 2021 04:24:49 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"604aed11-d908"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
1c3e5c9af98231eba627aa1405280f95
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
img
ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/ Frame DE85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=c2e3d7328edef441e45ceefc830d2a7dec65676ba623ea517f32fa7edf6e207a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F799...
  • https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?uid=c2e3d7328edef441e45ceefc830d2a7dec65676ba623ea517f32fa7edf6e207a&tpid=38&gdpr=0&tpuid=CAESEMqFba0L-UCy3jSWpkMiiUQ...
49 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?uid=c2e3d7328edef441e45ceefc830d2a7dec65676ba623ea517f32fa7edf6e207a&tpid=38&gdpr=0&tpuid=CAESEMqFba0L-UCy3jSWpkMiiUQ&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?uid=c2e3d7328edef441e45ceefc830d2a7dec65676ba623ea517f32fa7edf6e207a&tpid=38&gdpr=0&tpuid=CAESEMqFba0L-UCy3jSWpkMiiUQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
contents
cms.instiengage.com/v3/ Frame 2E08 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a&cookie_id=null&content_order=RANDOM&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
4269982cfebfce7f46c98b72859a6cd7272db6e7e567e714af3ca8339c4ec49a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:10 GMT
access-control-allow-credentials
true
content-length
18296
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 2E08 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:c200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
201
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 01 Feb 2022 03:51:10 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
2129
x-amz-cf-id
O4y4whcbgtDCiy6pLgwpnuz8u5T2p_Ts-YpbFHtPYBRPdhv3dgv3tA==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 2E08 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 05:36:22 GMT
x-content-type-options
nosniff
age
512268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 05:36:22 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 2E08 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 05:36:22 GMT
x-content-type-options
nosniff
age
512268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 05:36:22 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame 2E08 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
575181
cf-ray
6d683ca9ad739208-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73852
x-amz-id-2
InJV+RYX8iKM1xGaf5OKP+phbLbH4Y85oc+PaJQP+P2lwl2gseZGIAkmA7G01UuDIr3k3zidNkU=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"fb493903265cad425ccdf8e04fc2de61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaeF67lUfCktwuuzdgsPxZ0an1Vze2peXQz906T19YVoEMF8ADRKYof1kG72l7m12q%2F5EXW0GQEnDWvMK3qR4eVleB%2F1lsXdsHc%2FT%2FgMgQr5RHaHufFebHzs%2FsWJ2XdrhRuxcOXewOgQqNXaln8IrkhO"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
H3J1FZ4NVR9KV14W
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
khaos.jpg
token.rubiconproject.com/ Frame 420C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
0963d041a95f271fbba7f411adc03573
Content-Type
image/jpg
img
ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/ Frame DE85
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46099e27700f7a6a3db7%2F1643687650368%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=75&tpuid=5931503064749152372&gdpr=0
49 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=75&tpuid=5931503064749152372&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:10 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:10 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 885.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c7797715-0500-491e-8b6a-90fc5c744990
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/img?tpid=75&tpuid=5931503064749152372&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
js
ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/ Frame DE85
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=28c82514439f6a369de1907496a05127237f76bb77c8f39214c0046355e43e87&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=28c82514439f6a369de1907496a05127237f76bb77c8f39214c0046355e43e87&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7999d34eba9e46...
  • https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/js?tpid=48&tpuid=449678f43063631e9634c7e685c77050
44 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/js?tpid=48&tpuid=449678f43063631e9634c7e685c77050
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68f33925cd632dd5a3653cfcdd240a401cc83a96453650269b8f785438f394d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:11 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Tue, 01 Feb 2022 03:54:11 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/7999d34eba9e46099e27700f7a6a3db7/1643687650368/0/js?tpid=48&tpuid=449678f43063631e9634c7e685c77050
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
user
ads3.admatic.com.tr/ Frame CA3C 		77 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
781534fec9ccfcd8df533225aa78007ba942d3649dd1f4cea27f002fd38c2618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
81
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_question-loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sonichits.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 01 Feb 2022 03:54:11 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://sonichits.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
event
event.instiengage.com/v1/ Frame 2E08 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_question-loaded
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/6ac1beff-5f1c-4ca2-9b7f-fb29c60ea46a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sonichits.com
date
Tue, 01 Feb 2022 03:54:11 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
200.gif
media1.giphy.com/media/VDIqlLXSWas36/ Frame 2E08 		350 KB
350 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1.giphy.com/media/VDIqlLXSWas36/200.gif
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2bd62c74124ee696f88f9d211ef313dae2a3c8305b19d82de9f3fe0b06abe796
Security Headers
Name Value
Strict-Transport-Security max-age=15465600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:11 GMT
via
1.1 varnish, 1.1 varnish
age
618126
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
358254
x-served-by
cache-iad-kjyo7100156-IAD, cache-hhn4068-HHN
last-modified
Thu, 18 Jul 2019 20:40:03 GMT
x-timer
S1643687651.109645,VS0,VE2
etag
"2d02b6f3d6f65e0c63e083f78f847a0f"
strict-transport-security
max-age=15465600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1, 1
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 2E08 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 05:36:22 GMT
x-content-type-options
nosniff
age
512269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 05:36:22 GMT
sium
ih.adscale.de/ Frame DE85 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Tue, 01 Feb 2022 03:54:11 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
new
ads3.admatic.com.tr/user/ Frame CA3C 		171 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
4cc37bc5759f695289a17d805ea8a9bf1c8f2f86114913681257ceab355a3bc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Feb 2022 03:54:10 GMT
content-encoding
br
etag
QseiAZRBrnQYrZLhIlrfz9rXQ7leyaNTN9ArdhhTEE-WXnQXq6Mb7htbqId4vMZS2ahwyIvLN4yb6asRZpLGVw
last-modified
Tue, 01 Feb 2022 04:54:11 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
175
csync
sync.console.adtarget.com.tr/ Frame CA3C 		0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=ncfWQhK7o2jF_PU4ihz4ETLFU6NyiNTUQuJ5sKiNFnzV43iuU_7XqTdCu7zti50nD3MrUYXLpeKAlMGKzbot1g
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:10 GMT
Server
VertaMedia 1.0
Etag
fb128a26b79083a1
Content-Length
0
truncated
/ Frame 20B4 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20B4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21816933321%2FPrimis_Video_RON_Desktop%26description_url%3Dhttps%253A%252F%252Fsonichits.com%252F%26env%3Dvp%26impl%3Ds%26correlator%3D%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26sz%3D1x1%26unviewed_position_start%3D1%26cust_params%3D%24%7BKV_ENC_1%7D%2526prmsig%253Dspeczp&customPlayback=f&customClick=f&lid=8&sdkv=h.3.496.0&e=44750824&id=ima_html5&c=1362656164249131&domain
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lyrics
sonichits.com/api/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sonichits.com/api/lyrics?artist=The+Weeknd&track=Sacrifice&ij=1
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde00a179a925a4ecd7c05fdc69ac2ec0d45e29391767ee85b8fd671448a8f08

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
cache
date
Tue, 01 Feb 2022 03:54:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrW5lLnEffU%2FzTwDiQahIpFp7QdpylsFuJU4uPrhEip89RsDZptokyNdFosMeGZg6jB2L2XRn%2Bly%2BEK7Nr671x51Ro4Q0L5qoJBOoKjkyebVI5tCDOwGO%2FBV4RpSuqaAkmkiRyxDJ%2FlQ4pM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sonichits.com/
cache-control
public, max-age=15724800
cf-ray
6d683cac9ac59214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 Aug 2022 03:54:11
ads
pagead2.googlesyndication.com/gampad/ Frame 3D62 		136 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21816933321%2FPrimis_Video_RON_Desktop&description_url=https%3A%2F%2Fsonichits.com%2F&env=vp&correlator=3331842469482268&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=%24%7BKV_ENC_1%7D%26prmsig%3Dspeczp&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=4267496501&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=4BA72D98-1E7D-4A51-BBEA-07DC2D9A0538&nel=0&eid=44750824&url=https%3A%2F%2Fsonichits.com%2F&dlt=1643687649195&idt=1836&dt=1643687651293&scor=3304538304987607&ged=ve4_td2_tt0_pd2_la2000_er627.-2735.780.-2435_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame A1EE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 01 Feb 2022 03:54:11 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 914E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=155902
expires
Wed, 02 Feb 2022 23:12:33 GMT
date
Tue, 01 Feb 2022 03:54:11 GMT
vary
Accept-Encoding
stv
match.prod.bidr.io/cookie-sync/ Frame 20B4
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=bf473738a36b8768d16b615a2c1d43&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l134f_7059584705884726182
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YmY0NzM3MzhhMzZiODc2OGQxNmI2MTVhMmMxZDQz&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFoCRoEZRfzgBwosANUDGN0&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=59444c0f-47c1-4b1c-a915-855b519598a7
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5931503064749152372
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/bf473738a36b8768d16b615a2c1d43?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-fr6EgRhE2oO1VTHDukQX3PwyGhA3JzciapNKP5lT~A
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=Ocn3Cw7e1NeKfa5&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8070419996045664251
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Yfiu4gAC2316UABH
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20B4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?error=1005&vis=1&lid=7&sdkv=h.3.496.0&e=44750824&id=ima_html5&c=1362656164249131&domain
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame FA04 		0
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fsonichits.com%2F&e=wqT_3QK-BMg-AgAAAwDWAAUBCOHd4o8GEJu3nbHgn76zHBgAKjYJKHB87n2HrD8RulkwJcvSpj8ZAAABAgwMQCG6DRIEKSgNJNAxAAAAQDMzwz8wh6-TCjixSUD2CEhbUKbzsJYBWNafbmAAaILwrgF4-cgEgAEBigEDVVNEkgUG9A4BmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTWFuNXhjUXJRbz3YAt3EAeACjKVI6gIWaHR0cHM6Ly9zb25pY2hpdHMuY29tL4ADAIgDAZADAJgDF6ADAaoDJxoVMjA0NjU5Njg1MDU5NTA5MzQwM18xKgQ1MDY5Ogg0OTkyNzExMMADrALIAwDYA5e_VeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKbzsJYBiAUBmAUAoAWmr8OEsonfoXfABQDJBSFhHAAA8D_SBQkJCQx4AADYBQHgBQHwBcvhQPoFBAgAEACQBgCYBgC4BgDBBgklLPA_0Aau8gHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB_nIBNIHDRV3ATgI2gcGCSdE4AcA6gcCCADwB-z7A4oIAhAA&s=61ac86f034eb07c31e6223544ba83e0460de5ae6&type=pv&jm=1003|1030|1018|1008&px=1194&py=859&bw=300&bh=250&sf=1&sid=2435096161451198305&vd=ct~0|rr~5&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21288839&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:11 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0df40265-6884-4d2b-a6e3-7128a7aab913
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sonichits.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptrack
a.audrte.com/ Frame 3447 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=185.213.155.163&p=M1353665098&artime=2022-02-01T03:54:11.405Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuY29uc29sZS5hZHRhcmdldC5jb20udHIlMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc0NDIlMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-197.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
609a5f132029b6f636b23a4b54c1f670f5aa86a7de5812c203f8dc253e047c64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:11 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
vevent
fra1-ib.adnxs.com/ Frame 0999 		0
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fsonichits.com%2F&e=wqT_3QK9BMg9AgAAAwDWAAUBCOHd4o8GEIGw6_jZ2__cRxgAKjYJKHB87n2HrD8RulkwJcvSpj8ZAAABAgwMQCG6DRIEKSgNJNAxAAAAQDMzwz8wh6-TCjixSUD2CEhbULfKgZYBWNafbmAAaILwrgF4-cgEgAEBigEDVVNEkgUG9A4BmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTUdQNFJjUXJRbz3YAt3EAeACjKVI6gIWaHR0cHM6Ly9zb25pY2hpdHMuY29tL4ADAIgDAZADAJgDF6ADAaoDJxoVNTE2ODQ0MjI3NTE5NDkxODkxM18xKgQ1MDY5Ogg0OTgyNTcyOcADrALIAwDYA5e_VeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNjOoBACyBA8IABABGMACIGQoADAAOAK4BADABADIBADaBAIIAeAEAfAEt8qBlgGIBQGYBQCgBaavw4Syid-hd8AFAMkFACFhGADwP9IFCQkFC3wAAADYBQHgBQHwBam7QPoFBAgAEACQBgCYBgC4BgDBBgEhATEk0Aau8gHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB_nIBNIHDRV3ATgI2gcGCSdE4AcA6gcCCADwB-z7A4oIAhAA&s=f2a5f00dd7c7f715598b80e1135fe39dc5f5e4ce&type=pv&jm=1003|1030|1018|1008&px=1044&py=536&bw=300&bh=250&sf=1&sid=2435096161451198305&vd=ct~0|rr~5&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21288839&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:11 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f3e261b0-7a18-4c55-b83e-94f52c46065b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sonichits.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 420C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.80 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
deb9f124eecce7a554c70ca983265c95
Content-Type
image/gif
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY0MmY4NmY0OSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4ODUmJaN0YT0jJat9NwQjJax9NDQjJaZcZF9jYXNmRG9gYWyhPXNiozywnGy0pl5wo20zp3VvSWQ9p29hnWNbnXRmLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaVmZXJJpEFxZHI9MTt1LwIkMl4kNTUhMTYmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx3LwAhNDY5Mv43MSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwFzOGFyZTEmNDx0MCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwQmNwt3NwUkNwA3JaVcZD1TZWgcozRiU1BfYXyypwYkZwuuZWUkNwA1NDtzpHVvVXJfPWu0qHBmJTNBJTJGJTJGp29hnWNbnXRmLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:11 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
match
ps.eyeota.net/ Frame 3447
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8070419996045664251
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEJsx8YcOkXi3rqKDrNnHz3U&google_cver=1
  • https://ps.eyeota.net/match?bid=kh51m51&uid=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:12 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Tue, 01 Feb 2022 03:54:11 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 3447 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:11 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 3447
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=&google_gid=CAESEJsx8YcOkXi3rqKDrNnHz3U&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-197.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:11 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 01 Feb 2022 03:54:11 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
track.adform.net/serving/unload/ Frame 0999 		35 B
458 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8070419996045664251@@49825729,4123182829968414549,100|1017|0|0|0|0|0|0|0||40|0|1325|8593849176063793062_5168442275194918913_1|||1|0|0|VE9HPfoOvGtX7EYoWZQhUZjQ1Xd3Gxp-TKv2GHHogky1NX7bNLe_1skllzAqADQrA7z_uuw_WOM1|||11|0|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:11 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 0999 		35 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=49825729&event=178&time=1&baid=48299014&name=Viewable%20impressions&imprid=4123182829968414549&icid=8070419996045664251&eData=0jAz5p-JcYde4X96V4jsw3fQEB2YCfEw4fn4X_ACi5jRePlyZ9bfinc_859ouWydbpmnTOZUD88au94oJsHc8Q2&rtbdata=KOxY41NIkNlomp5GGAndOPMZAIDXExHvyUKOq5kIlKyd8D-z15plohpfsBESq1xGuqk7ELp8gbUL0UPvjGbRNDZ7gjLd0z6313zn-Dxf3LGg0R25zdmY8B1y2YUQ31okvvboOZ-j9oAJ5qBnS7G0RUvOK6dv0wsoYJgtcTbkkg5VvUeGEyAG0hUCzFW9muloaEWw94jnZC56l5ZoyNiS8kHhIpkoas3H0&rtbwp=0.055721-zlE_H8cYZA_I4ZkaX4ME2KHoaHGPnIfP0&rnd=997546303
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:11 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
usermatch
ssum-sec.casalemedia.com/ Frame 57C7 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://sonichits.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Expires
Tue, 01 Feb 2022 03:54:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:11 GMT
Content-Length
54
Connection
keep-alive
/
track.adform.net/serving/unload/ Frame FA04 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=4199148971590323053@@49927110,3473181339482449449,100|1100|0|0|0|0|0|0|0||43|0|1325|8593849176063793062_2046596850595093403_1|||1|0|0|CNkIARFJludX7EYoWZQhUdvfzIt5LB0xGD9q74eQt6nbzKpYWKNU7ckllzAqADQrA7z_uuw_WOM1|||11|0|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:11 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame FA04 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=49927110&event=178&time=2&baid=48438582&name=Viewable%20impressions&imprid=3473181339482449449&icid=4199148971590323053&eData=7Ccv04sEQAG-QQqfudlhu3fQEB2YCfEw4fn4X_ACi5heRORreGxDXsz0sJiK89yAbpmnTOZUD88au94oJsHc8Q2&rtbdata=KOxY41NIkNlomp5GGAndOPMZAIDXExHv2PnDwKHIW5d1JvPKi12gbSU7WZephFqiuqk7ELp8gbUL0UPvjGbRNDZ7gjLd0z6313zn-Dxf3LGg0R25zdmY8B1y2YUQ31okvvboOZ-j9oAJ5qBnS7G0RUvOK6dv0wsoYJgtcTbkkg5VvUeGEyAG0hUCzFW9muloaEWw94jnZC56l5ZoyNiS8kHhIpkoas3H0&rtbwp=0.055721-zlE_H8cYZA_I4ZkaX4ME2KHoaHGPnIfP0&rnd=158187294
Requested by
Host: sonichits.com
URL: https://sonichits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:11 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
user
ads3.admatic.com.tr/ Frame CA3C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://x.bidswitch.net/ul_cb/sync?ssp=admatic
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=Lbz5OTBYyzWQRwUhg77wYP2q&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id=
35 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id=
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:11 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Tue, 01 Feb 2022 03:54:11 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
usermatch
ssum-sec.casalemedia.com/ Frame D3FA 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c33c999bcf12767082b2255c01d4b3fd906906aa2b10293524007f035517a8bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|206|88|218|51|188|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 01 Feb 2022 03:54:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
Content-Length
1724
Connection
keep-alive
2b9d395f79fd97a5
sync.e-planning.net/uspd/1/ Frame 39A9 		1 KB
945 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
63d81293bdb83db456c23b8fbfcd89c5d88a7637b5c3f2625f24f618f54f6293

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

server
openresty
date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Tue, 01 Feb 2022 03:54:13 GMT
x-sid
AMS-731
content-encoding
gzip
ps
ssc-cms.33across.com/ Frame 2B76 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D33XUSERID33X
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Tue, 01 Feb 2022 03:54:12 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame FBE5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 01 Feb 2022 03:54:13 GMT
Connection
keep-alive
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 77F1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
5439
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xexn8vZeEDCCQ%2BgemQwwoqsKrN%2BzqOqBgKZSLMzP3AiVPXJfnjaGSlp%2BQvQzK16QgkDvF0rPA6HNMEtJFMI1q6HbLX0BoaN4T15LVh6bZg%2BQYNW0Gc0cn3hQIPGFfpPsOszZpAPci1nMhMW4tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d683cb78b379199-FRA
content-encoding
br
/
ssc-cms.33across.com/ps/ Frame 1144 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Tue, 01 Feb 2022 03:54:12 GMT
pd
u.openx.net/w/1.0/ Frame 5875 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
spl.zeotap.com/ Frame 79BB 		530 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffa5ae20557d6536234c1c41cb63a8de719fa622b97f82109869bc9042f4112

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://sonichits.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683cb75c649142-FRA
content-encoding
br
/
onetag-sys.com/usync/ Frame D4B4 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7Cc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8&gdpr=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
check.html
biddr.brealtime.com/ Frame E6A2 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
TZDfxO4uwORNUA/4irnRs9qqp9lI3eH+ruz8qqqAX5jBwgQ1rzgBbhsPKs2FgAnYzrbwWSW5JnM=
x-amz-request-id
15DYQDFYDGXZWWWF
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
3212
Expires
Tue, 01 Feb 2022 03:55:13 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6d683cb7993c9031-FRA
Content-Encoding
gzip
/
onetag-sys.com/usync/ Frame DBF2 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1643687649319
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
rubicon
ex.ingage.tech/v1/syncPage/ Frame 7F81 		951 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html
vary
Origin
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683cb76841693a-FRA
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3FD9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 31 Jan 2022 02:33:15 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 01 Feb 2022 03:54:13 GMT
Age
4855
X-Served-By
cache-lga21971-LGA, cache-hhn4027-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 15782
X-Timer
S1643687653.154917,VS0,VE0
Vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 36BF 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/fbda09f1-2c7e-4d13-b979-9446a67e7d25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
80c3b0bb3843e2e6e04ae445d0096615e1d11172c1959e6b7c49094e25498238

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
3
cache-control
max-age=900
content-md5
QCSeq2FKawOpVfv0E2CAsg==
content-type
text/html; charset=utf-8
date
Tue, 01 Feb 2022 03:54:13 GMT
etag
37bc1cf3-694b-48fb-bcf6-07886e29e3bd
expires
Tue, 01 Feb 2022 04:09:13 GMT
last-modified
Tue, 25 Jan 2022 20:06:01 GMT
opc-request-id
iad-1:hH1jpwIS14KgTioRdrliWR1uDUK4IyZKYF77GUmZ3VkkTCeZje5ayRUYzSlGsFdz
server
ECAcc (frd/E2F8)
storage-tier
Standard
vary
Accept-Encoding
version-id
bd9997b4-74c0-44b1-b547-14aba203aaf5
x-api-id
native
x-cache
HIT
content-length
6224
c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8
ex.ingage.tech/v1/sync/acuityads/
Redirect Chain
  • https://cs.admanmedia.com/sync/insticator_ssp?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%7B%24UID%7D
  • https://ex.ingage.tech/v1/sync/acuityads/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=ed9fe1139178481f1b1dbd3c68925cea524d8bdf
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/acuityads/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=ed9fe1139178481f1b1dbd3c68925cea524d8bdf
Protocol
H2
Server
2606:4700:10::6816:1b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6d683cb91a5e693a-FRA

Redirect headers

Location
https://ex.ingage.tech/v1/sync/acuityads/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=ed9fe1139178481f1b1dbd3c68925cea524d8bdf
Date
Tue, 01 Feb 2022 03:54:13 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8
ex.ingage.tech/v1/sync/amx/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
  • https://ex.ingage.tech/v1/sync/amx/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=6a931c91-7038-4c9a-899b-b749e9a7ea20&gdpr=0
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/amx/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=6a931c91-7038-4c9a-899b-b749e9a7ea20&gdpr=0
Protocol
H2
Server
2606:4700:10::6816:1b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6d683cb81955693a-FRA

Redirect headers

location
https://ex.ingage.tech/v1/sync/amx/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=6a931c91-7038-4c9a-899b-b749e9a7ea20&gdpr=0
date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
usa
sync.go.sonobi.com/ 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsonobi%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8
ex.ingage.tech/v1/sync/sovrn/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID&sovrn_retry=true
  • https://ex.ingage.tech/v1/sync/sovrn/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=92d459ab911038721e233b8c
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/sovrn/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=92d459ab911038721e233b8c
Protocol
H2
Server
2606:4700:10::6816:1b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6d683cb84994693a-FRA

Redirect headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ex.ingage.tech/v1/sync/sovrn/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=92d459ab911038721e233b8c
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
services
sync.technoratimedia.com/ 		0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=90&uid=c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsynacor%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%5BUSER_ID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
26758983
access-control-allow-origin
https://sonichits.com/
access-control-allow-credentials
true
c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8
ex.ingage.tech/v1/sync/bidswitch/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dinsticator%26bsw_par...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=7b259baefcab453787711792a7e19010&ssp=insticator&bsw_param=d2d17e31-2696-46b0-b00f-55cdc506595c&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ex.ingage.tech/v1/sync/bidswitch/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=d2d17e31-2696-46b0-b00f-55cdc506595c&gdpr=&gdpr_consent=&us_privacy=
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/bidswitch/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=d2d17e31-2696-46b0-b00f-55cdc506595c&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
2606:4700:10::6816:1b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6d683cb8498a693a-FRA

Redirect headers

Location
//ex.ingage.tech/v1/sync/bidswitch/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=d2d17e31-2696-46b0-b00f-55cdc506595c&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 01 Feb 2022 03:54:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D3FA 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:ccb:acde:da2f:31fc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame D3FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame D3FA 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame D3FA 		85 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643687653.050258,VS0,VE91
x-served-by
cache-hhn4078-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
ibs:dpid=23728&dpuuid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
dpm.demdex.net/ Frame D3FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.158.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-158-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
sync
x.bidswitch.net/ Frame D3FA 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.100.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-100-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
CookieIndex
rtb.adentifi.com/ Frame D3FA 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.55.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-55-191.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
crum
dsum-sec.casalemedia.com/ Frame D3FA
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 01 Feb 2022 03:54:13 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Tue, 01 Feb 2022 03:54:13 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8
ex.ingage.tech/v1/sync/ix/ Frame D3FA 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=Yfiu4UXV_pMn0Mb9Zg-AHAAABFwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-ray
6d683cb78885693a-FRA
usermatch
ssum-sec.casalemedia.com/ Frame 11ED 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://sonichits.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Expires
Tue, 01 Feb 2022 03:54:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
Content-Length
54
Connection
keep-alive
idsync
sync.aralego.com/ Frame 77F1 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Aldie, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
prebid
rtb.openx.net/sync/ Frame 39A9 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D662f81febc283255%26uid%3D%24%7BUID%7D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:12 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
99t521r14ihcj3kse9lp076ee0sa7c8r
ptag
a.audrte.com/ Frame 39A9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-197.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
136ddf394493465215aa32a08a1725c1ec56e73808070bf34d275a2ea5276c30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 39A9 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:12 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 31 Jan 2027 03:54:12 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 39A9
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D662f81febc283255
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
date
Tue, 01 Feb 2022 03:54:13 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame DF1C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Feb 2022 03:54:13 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Tue, 01 Feb 2022 03:54:13 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CDC9 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=155900
expires
Wed, 02 Feb 2022 23:12:33 GMT
date
Tue, 01 Feb 2022 03:54:13 GMT
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 93B2 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
H
cf4age
0
x-cf-tsc
1641922229
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fC.fra2:co:1585621119:cacheN.fra2-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame 061B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame B030 		530 B
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85515e4b923f8f48af58d1036e7478fd4b119338548a8ef2c435e39df491a34

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://sync.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683cb7ed1c9142-FRA
content-encoding
br
usync.html
eus.rubiconproject.com/ Frame C12F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Feb 2022 03:54:13 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
date
Tue, 01 Feb 2022 03:54:13 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CD01 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=155900
expires
Wed, 02 Feb 2022 23:12:33 GMT
date
Tue, 01 Feb 2022 03:54:13 GMT
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame BCE2 		0
83 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
cdn.districtm.io/ids/ Frame EFD4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/?sellerid=101769
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6d683cb81dc4912e-FRA
ps
pixel.33across.com/ Frame ECDF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Tue, 01 Feb 2022 03:54:12 GMT
/
onetag-sys.com/usync/ Frame 616C 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=572a470226457b8
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 31DA 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
2fd1b553f65628b5f74e04e95a6738e7fd45ae5b808a3e8fe295e3a6121fc5f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html; charset=utf-8
content-length
493
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
technorati
sync.1rx.io/usersync2/ Frame 36BF 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync2/technorati
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0
services
uat-net.technoratimedia.com/ Frame 36BF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=59444c0f-47c1-4b1c-a915-855b519598a7
0
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=59444c0f-47c1-4b1c-a915-855b519598a7
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
535029635
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=59444c0f-47c1-4b1c-a915-855b519598a7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
services
sync.technoratimedia.com/ Frame 36BF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5931503064749152372
0
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5931503064749152372
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1038439435
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
114356de-91a5-429e-b722-2d5a5b394af6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5931503064749152372
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 36BF
Redirect Chain
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=vrd6MC2g4zZbLYERTsJ40TXdLRW1Nf2V
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=vrd6MC2g4zZbLYERTsJ40TXdLRW1Nf2V
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
191842474
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=vrd6MC2g4zZbLYERTsJ40TXdLRW1Nf2V
date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3386
content-length
217
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
sync
sync.bfmio.com/ Frame 36BF
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=164
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=59444c0f-47c1-4b1c-a915-855b519598a7
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=59444c0f-47c1-4b1c-a915-855b519598a7
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
HTTP/1.1
Server
52.22.84.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-84-205.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 01 Feb 2022 03:54:13 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=59444c0f-47c1-4b1c-a915-855b519598a7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame 36BF
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=163
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=59444c0f-47c1-4b1c-a915-855b519598a7
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=59444c0f-47c1-4b1c-a915-855b519598a7
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
HTTP/1.1
Server
52.22.84.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-84-205.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 01 Feb 2022 03:54:13 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=59444c0f-47c1-4b1c-a915-855b519598a7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
services
uat-net.technoratimedia.com/ Frame 36BF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=9c6082f0-8312-11ec-9c89-1cf699440206
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=9c6082f0-8312-11ec-9c89-1cf699440206
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
576316033
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Server
nginx
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=9c6082f0-8312-11ec-9c89-1cf699440206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
112
Connection
keep-alive
Content-Length
0
syn
match.prod.bidr.io/cookie-sync/ Frame 36BF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/syn
  • https://match.prod.bidr.io/cookie-sync/syn?_bee_ppp=1
20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/syn?_bee_ppp=1
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
HTTP/1.1
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
09a6d59f29991351a3146cbc0dfb7c6104ae603120337b7ec05da94c703493da
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
20
strict-transport-security
max-age=2592000; includeSubDomains
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/syn?_bee_ppp=1
Date
Tue, 01 Feb 2022 03:54:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 36BF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor&zcc=1&cb=1643687653157
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5941950122
  • https://sync.1rx.io/usersync/tradedesk/59444c0f-47c1-4b1c-a915-855b519598a7
  • https://sync.targeting.unrulymedia.com/csync/RX-05dcf6da-17ae-4824-9868-537bd0596a78-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
42 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:359
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
date
Tue, 01 Feb 2022 03:54:13 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX05dcf6da17ae48249868537bd0596a78003
content-type
text/html
services
uat-net.technoratimedia.com/ Frame 36BF
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=3d158837-9bfd-4f41-b7cc-4e0ee2dc7033
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=3d158837-9bfd-4f41-b7cc-4e0ee2dc7033
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
899564147
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=3d158837-9bfd-4f41-b7cc-4e0ee2dc7033
date
Tue, 01 Feb 2022 03:54:13 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
services
uat-net.technoratimedia.com/ Frame 36BF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-QixlHJNE2uFaTYb_ToL276kUjWaEylZE~A
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-QixlHJNE2uFaTYb_ToL276kUjWaEylZE~A
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
455863610
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-QixlHJNE2uFaTYb_ToL276kUjWaEylZE~A
date
Tue, 01 Feb 2022 03:54:13 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
uat-net.technoratimedia.com/ Frame 36BF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
934556259
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=Yfiu4UXV-pMn0Mb9Zg.AHAAA%261116
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
286
Expires
Tue, 01 Feb 2022 03:54:13 GMT
services
uat-net.technoratimedia.com/ Frame 36BF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%%
  • https://uat-net.technoratimedia.com/services?srv=cs&uid=SZmkowr5598c&pid=83
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&uid=SZmkowr5598c&pid=83
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
H2
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
462840451
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://uat-net.technoratimedia.com/services?srv=cs&uid=SZmkowr5598c&pid=83
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-c97897cf6-2hngz
expires
-1
usersync
match.bnmla.com/ Frame 36BF 		0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.bnmla.com/usersync?sspid=1000237&redir=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs%26pid=84%26uid=%5BUUID%5D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame CDC9 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1031509&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1d1421065363bb256da771d1bf8cac06582efa02688c080b9ccd1b9a746c37f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame 31DA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=DLuy315fp&dongle=u6nf
eb2.3lift.com/ Frame 31DA
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=DLuy315fp&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=DLuy315fp&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=DLuy315fp&dongle=u6nf
date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 31DA 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 31DA
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM2NDA0MDI5NTEzMjkyNjg3Nzk5NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM2NDA0MDI5NTEzMjkyNjg3Nzk5NA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM2NDA0MDI5NTEzMjkyNjg3Nzk5NA%3D%3D
date
Tue, 01 Feb 2022 03:54:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 31DA 		0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2364040295132926877994&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A10C72EF7FAD4BE7B8E17CDB48129A98 Ref B: FRAEDGE1306 Ref C: 2022-02-01T03:54:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXW7NqysagiuTxx42hGyg==
xuid
eb2.3lift.com/ Frame 31DA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2364040295132926877994?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rEB9KjxE2oR4w2lupF4pps.v2jsSuk_gELORNehP8w--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rEB9KjxE2oR4w2lupF4pps.v2jsSuk_gELORNehP8w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 01 Feb 2022 03:54:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rEB9KjxE2oR4w2lupF4pps.v2jsSuk_gELORNehP8w--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 31DA 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=2364040295132926877994&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.100.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-100-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 31DA 		42 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2364040295132926877994&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
etag
"9ea1ae3587d81:0"
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 46A8B6D041DF4DAF9969CEF7A6FF2EC9 Ref B: FRAEDGE1208 Ref C: 2022-02-01T03:54:13Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 31DA
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2364040295132926877994
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2364040295132926877994&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2364040295132926877994&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RACQF7A1V4PG4R3TE4PJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2364040295132926877994&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 31DA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 31DA 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=88&uid=2364040295132926877994
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
149770262
access-control-allow-origin
https://eb2.3lift.com/
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame DF1C 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45027
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Tue, 01 Feb 2022 16:24:40 GMT
usync.html
eus.rubiconproject.com/ Frame 7F81
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Feb 2022 03:54:13 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
date
Tue, 01 Feb 2022 03:54:13 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usync.js
eus.rubiconproject.com/ Frame C12F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45027
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Tue, 01 Feb 2022 16:24:40 GMT
mw
mwzeom.zeotap.com/ Frame 79BB
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea7...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=74914c79-90c1-4c89-4363-8407cae771a6&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=74914c79-90c1-4c89-4363-8407cae771a6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683cb8ce3d9142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=74914c79-90c1-4c89-4363-8407cae771a6&zdid=1361
date
Tue, 01 Feb 2022 03:54:13 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 79BB 		557 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=74914c79-90c1-4c89-4363-8407cae771a6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a77c28d6035684d06bcad4bd1c78601869b55b043c82bf13a913f643dc27146

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d683cb87df29142-FRA
date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 01 Feb 2022 03:54:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cc.js
tags.crwdcntrl.net/c/15238/ Frame 39A9 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:30:05 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
15821
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
l-KyKS_xKagX7S7l4igGnWsT2Uuwfu9erEci9ruZTZxxLROb8WLSlQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 8A9E 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

server
openresty
date
Tue, 01 Feb 2022 03:54:12 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sun, 31 Jan 2027 03:54:12 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8
ex.ingage.tech/v1/sync/eplanning/ Frame 1347 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/eplanning/c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8?uid=AADDdpHt-SLn32Dk
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Fc22a13c1-5e7a-43a9-8ecd-07db89f2d1d8%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
vary
Origin
access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683cb899cf693a-FRA
async_usersync
ib.adnxs.com/ Frame 3FD9 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fdb36504-49a7-4e82-83df-6ff133120387
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 0451 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=08F6A4C4-E2F6-4412-9D16-320F6F86208E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 51E1
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1177796469199382528
42 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1177796469199382528
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 00:31:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
sfopug012:0:405
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1177796469199382528
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame A88C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent=
42 B
512 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 03:54:11 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug006:0:413
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:670e61f8-aee2-4d00-9e0e-737cec3cd0b5&gdpr=0&gdpr_consent=
Expires
Tue, 01 Feb 2022 03:54:12 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B69F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
187 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 03:54:12 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug005:0:365
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Tue, 01 Feb 2022 03:54:13 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Tue, 01 Feb 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1649138
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame 0578
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059584701594794130
42 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059584701594794130
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 03:54:11 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug019:0:369
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 01 Feb 2022 03:54:13 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059584701594794130
Pug
simage2.pubmatic.com/AdServer/ Frame FD0E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yfiu4gAC2316UABH&gdpr=0&gdpr_consent=
1 B
545 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yfiu4gAC2316UABH&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 23:41:12 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug0027:0:344
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yfiu4gAC2316UABH&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
x-served-by
cache-hhn4078-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1643687653.220958,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C01F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6tWI1Lm0Sa5X_Wl4Ajmw0LnVm6M
42 B
224 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6tWI1Lm0Sa5X_Wl4Ajmw0LnVm6M
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 23:41:13 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0027:0:435
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Tue, 01 Feb 2022 03:54:13 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6tWI1Lm0Sa5X_Wl4Ajmw0LnVm6M
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame C983
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 03:54:12 GMT
content-type
text/html; charset=utf-8
x-lat
amspug004:2:272
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Tue, 01 Feb 2022 03:54:13 GMT
server
_
redir
rtb-csync.smartadserver.com/ Frame AB68
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFxMjhVN0Q4VjRBQUdRWDlRNzZHUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAq28U7D8V4AAGQX9Q76GQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAq28U7D8V4AAGQX9Q76GQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAq28U7D8V4AAGQX9Q76GQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAq28U7D8V4AAGQX9Q76GQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAq28U7D8V4AAGQX9Q76GQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
i.match
s.tribalfusion.com/z/ Frame 6EB0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683cb9e8fa905b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
50
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683cb8d807905b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookiesync
core.iprom.net/ Frame F4F1 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
ragnarok-b912e7136669@version_1.368
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
1ms
Date
Tue, 01 Feb 2022 03:54:13 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6A94
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Lbz5OTBYyzWQRwUhg77wYP2q
42 B
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Lbz5OTBYyzWQRwUhg77wYP2q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 03:54:12 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
sfopug009:0:280
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Tue, 01 Feb 2022 03:54:13 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Lbz5OTBYyzWQRwUhg77wYP2q
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 0918 		15 B
877 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c08f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683cb8ebbe8ffa-FRA
RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
sync.targeting.unrulymedia.com/csync/ Frame 5FE6
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5325624152
  • https://sync.1rx.io/usersync/tradedesk/59444c0f-47c1-4b1c-a915-855b519598a7
  • https://sync.targeting.unrulymedia.com/csync/RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
Tengine
date
Tue, 01 Feb 2022 03:54:13 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
bridge
cm.adgrx.com/ Frame 6D20 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 9D4B
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c82be9ec-c8c0-404b-80ce-b6acec0e4f7b-tuct8f23465&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c82be9ec-c8c0-404b-80ce-b6acec0e4f7b-tuct8f23465&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
x-served-by
cache-hhn4074-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1643687653.305436,VS0,VE9
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c82be9ec-c8c0-404b-80ce-b6acec0e4f7b-tuct8f23465&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
x-served-by
cache-hhn4044-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1643687653.232377,VS0,VE9
x-vcl-time-ms
9
content-length
0
um
u-ams02.e-planning.net/ Frame 28CE 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=662f81febc283255&uid=08F6A4C4-E2F6-4412-9D16-320F6F86208E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
openresty
date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CDC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CPakxOL2RBKdFjIPb4Ygjg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=155900
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 02 Feb 2022 23:12:33 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=670e61f8-aee2-4d00-9e0e-737cec3cd0b5
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=670e61f8-aee2-4d00-9e0e-737cec3cd0b5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Server
MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=670e61f8-aee2-4d00-9e0e-737cec3cd0b5
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 01 Feb 2022 03:54:12 GMT
/
spl.zeotap.com/ Frame CDC9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=08F6A4C4-E2F6-4412-9D16-320F6F86208E
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9ba0c5bf769f0eb3a0e9f7415e3b4051
  • https://spl.zeotap.com/?zdid=1332&zcluid=5e05c569749a91c2
95 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=5e05c569749a91c2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6d683cbb698a9142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=5e05c569749a91c2
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhGNkE0QzQtRTJGNi00NDEyLTlEMTYtMzIwRjZGODYyMDhF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug014:0:258
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDdxrALkoqiCb2aWzwwc1a0&google_cver=1
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDdxrALkoqiCb2aWzwwc1a0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug013:0:264
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDdxrALkoqiCb2aWzwwc1a0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame CDC9 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 31 Jan 2022 03:54:13 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8070419996045664251
42 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8070419996045664251
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 23:40:54 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0022:0:533
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8070419996045664251
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59444c0f-47c1-4b1c-a915-855b519598a7
42 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59444c0f-47c1-4b1c-a915-855b519598a7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 23:37:29 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:421
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59444c0f-47c1-4b1c-a915-855b519598a7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5931503064749152372&gdpr=0&gdpr_consent=
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5931503064749152372&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 23:08:19 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug023:0:378
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
55f29002-b747-4f0f-8b07-692ecac49615
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5931503064749152372&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PI1aK2vZWSEnig9wPYQRIjuNCHcnhAgja94BajM0
42 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PI1aK2vZWSEnig9wPYQRIjuNCHcnhAgja94BajM0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug015:0:273
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PI1aK2vZWSEnig9wPYQRIjuNCHcnhAgja94BajM0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
08F6A4C4-E2F6-4412-9D16-320F6F86208E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CDC9 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/08F6A4C4-E2F6-4412-9D16-320F6F86208E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:ccb:acde:da2f:31fc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=08F6A4C4-E2F6-4412-9D16-320F6F86208E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-s88_VvRE2uXeHf3V3rGpZRBjgZ3fvUM-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-s88_VvRE2uXeHf3V3rGpZRBjgZ3fvUM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-s88_VvRE2uXeHf3V3rGpZRBjgZ3fvUM-~A&gdpr=0&gdpr_consent=
date
Tue, 01 Feb 2022 03:54:13 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=4036ebeb-d23b-49bc-a86e-4519b621df76&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d2d17e31-2696-46b0-b00f-55cdc506595c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d2d17e31-2696-46b0-b00f-55cdc506595c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 23:41:13 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0027:0:416
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d2d17e31-2696-46b0-b00f-55cdc506595c&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 01 Feb 2022 03:54:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8627758794172146307&gdpr=0&gdpr_consent=&us_privacy=
1 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8627758794172146307&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:423
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8627758794172146307&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame CDC9 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=08F6A4C4-E2F6-4412-9D16-320F6F86208E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e9137f87-11a3-4877-bbcb-c6347e272934&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e9137f87-11a3-4877-bbcb-c6347e272934&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 23:41:14 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0027:0:355
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e9137f87-11a3-4877-bbcb-c6347e272934&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 01 Feb 2022 03:54:14 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:12 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug008:0:382
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CDC9
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5931503064749152372
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5931503064749152372
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 23:40:10 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0028:0:282
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3cb5ca4d-0e08-46f6-81d2-44d047605f59
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5931503064749152372
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7F81 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45027
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Tue, 01 Feb 2022 16:24:40 GMT
GS.d
js.cookieless-data.com/ Frame 8A9E 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fsync.e-planning.net%2F&s=&rand=1643687653271
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-82.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 03:54:13 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame B030
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dea7...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=341fed9f-7e9e-4720-42ff-feeb5be3099f&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=341fed9f-7e9e-4720-42ff-feeb5be3099f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d683cb93ed19142-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=341fed9f-7e9e-4720-42ff-feeb5be3099f&zdid=1361
date
Tue, 01 Feb 2022 03:54:13 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame B030 		557 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=341fed9f-7e9e-4720-42ff-feeb5be3099f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea17ed925f622cafde6043a986aa6a73596846b691d37abcd2293e37ad337f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d683cb91e9f9142-FRA
date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 01 Feb 2022 03:54:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cmp
spl.zeotap.com/ Frame 79BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=74914c79-90c1-4c89-4363-8407cae771a6&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=74914c79-90c1-4c89-4363-8407cae771a6&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683cbac8cc9142-FRA
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=919290435/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame 0653 		993 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=919290435/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
201bafab5849bf14177185387bbc0cb88c09c62cc8d4d07fe766b0cb7d897eea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
content-type
text/html;charset=utf-8
content-length
993
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.29.112
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
cmp
spl.zeotap.com/ Frame B030 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=341fed9f-7e9e-4720-42ff-feeb5be3099f&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=341fed9f-7e9e-4720-42ff-feeb5be3099f&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d683cbb698f9142-FRA
generic
match.adsrvr.org/track/cmf/ Frame 0653 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=919290435/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
image.sbxx
global.ib-ibi.com/ Frame 0653 		0
0
pixel
cm.g.doubleclick.net/ Frame 0653 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OWJhMGM1YmY3NjlmMGViM2EwZTlmNzQxNWUzYjQwNTE
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=919290435/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 0653 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=90ad22bd57eaef60a265f245b9d6261f
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=919290435/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:13 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 0653 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=9ba0c5bf769f0eb3a0e9f7415e3b4051
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=919290435/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:13 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1643687653
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
tpid=Yfiu4gAC2316UABH
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 0653
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Yfiu4gAC2316UABH
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Yfiu4gAC2316UABH
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=919290435/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.126
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643687654.705247,VS0,VE0
x-served-by
cache-hhn4078-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Yfiu4gAC2316UABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
khaos.jpg
token.rubiconproject.com/ Frame DF1C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
0963d041a95f271fbba7f411adc03573
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame C12F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
0963d041a95f271fbba7f411adc03573
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 7F81 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
0963d041a95f271fbba7f411adc03573
Content-Type
image/jpg
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: sonichits.com
URL: https://sonichits.com/js/?v=1636681992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
281ed0393f041e551a88ed3152eeab17551acb4503625c0d56aeeabc6aca7688
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sC5WWRejDG6KphOyFoRmjA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 01 Feb 2022 04:01:31 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1689
x-fb-rlafr
0
x-fb-debug
CAOVk1ayZP90HnmU5u0JhCkPhvh7dSphkYfGuaMG4KZlRuhAycvoNRnVUh2zTdiLLzz0m5ux68qrCNrhcurA7A==
x-fb-trip-id
686109401
x-fb-content-md5
a874a3710eb741fa55407d56b7b946ab
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 01 Feb 2022 03:54:13 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"230e7baeb60036ea4d56ded750045f63"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
sdk.js
connect.facebook.net/en_US/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=338f21e5ed4777480091008b54573c58
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68df69379bde4eb5a643cd80170bdeeb7868c26a7b5953960c77c737e5cdf35b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sonichits.com/
Origin
https://sonichits.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
jXyqaCmsf3U3NDmx6mUInQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 01 Feb 2023 00:42:57 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82043
x-fb-rlafr
0
x-fb-debug
spvzef4BpT50dCaaawuBrIVmaRFCX3/L/GckUhVZ0B7SyzFOJd0Kj1R0lw2l6f2g/B+JIk/gX0029msEA139Kg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e8d37039d9c5ea1c43e2f4b01e95e5a9
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 01 Feb 2022 03:54:13 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"4e4b95c6fb886c3aab918b11d68b08fc"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=640891275947728&input_token&origin=1&redirect_uri=https%3A%2F%2Fsonichits.com%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: srv.tunefindforfans.com
URL: https://srv.tunefindforfans.com/fruits/apricots.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sonichits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Qquk5sGEtojw5OOIQSN4Ie+rZB50JbBXyTrCPT5odV6lDI5R/tRDJP4xu9yjFUc9jvioRVqcbkgXYzfbI9C5dA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Tue, 01 Feb 2022 03:54:13 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sonichits.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C12F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Content-Type
image/gif
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 7F81 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
f69a50991384d09413b97a37bb74928b
Content-Type
image/gif
ptrack
a.audrte.com/ Frame 39A9 		368 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=185.213.155.163&p=M1353665098&artime=2022-02-01T03:54:14.762Z&arlocation=c3luYy5lLXBsYW5uaW5nLm5ldC91c3BkLzEvMmI5ZDM5NWY3OWZkOTdhNT9ydWlkbT0xJmR1PWh0dHBzJTNBJTJGJTJGZXguaW5nYWdlLnRlY2glMkZ2MSUyRnN5bmMlMkZlcGxhbm5pbmclMkZjMjJhMTNjMS01ZTdhLTQzYTktOGVjZC0wN2RiODlmMmQxZDglM0Z1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=c29uaWNoaXRzLmNvbS8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-197.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
03d6531272bc6ea9f46bb22f939fed9f61c34bc34036fdb43de6e6cbd8932ca8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:14 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://sync.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
p
a.audrte.com/ Frame 39A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=&google_gid=CAESEJsx8YcOkXi3rqKDrNnHz3U&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-197.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:15 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 01 Feb 2022 03:54:14 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame 39A9
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8070419996045664251
  • https://ps.eyeota.net/match?bid=kh51m51&uid=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:15 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Tue, 01 Feb 2022 03:54:14 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 39A9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=33lWuQgnsCRTieTgo4Xt62eqQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 03:54:14 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
SPug
simage4.pubmatic.com/AdServer/ Frame CDC9 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D662f81febc283255%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/serving/unload/ Frame 0999 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8070419996045664251@@49927110,3473181339482449449,100|4701|0|0|0|0|0|0|0||184|0|1325|8593849176063793062_2046596850595093403_1|||1|0|0|CNkIARFJludX7EYoWZQhUdvfzIt5LB0xGD9q74eQt6nbzKpYWKNU7ckllzAqADQrA7z_uuw_WOM1|||01|0|0@@49825729,4123182829968414549,100|4699|0|0|0|0|0|0|0||184|0|1325|8593849176063793062_5168442275194918913_1|||1|0|0|VE9HPfoOvGtX7EYoWZQhUZjQ1Xd3Gxp-TKv2GHHogky1NX7bNLe_1skllzAqADQrA7z_uuw_WOM1|||01|0|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sonichits.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:15 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://sonichits.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=286186938/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/ Frame 3FDB 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=286186938/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
16bbcc589751232ea40d779a89c549d5399e838956d0ccc7beb41c2a24e76123

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Tue, 01 Feb 2022 03:54:16 GMT
content-type
text/html;charset=utf-8
content-length
1296
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.29.112
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
t
px.surveywall-api.survata.com/ Frame 3FDB 		0
0
tpid=23836303013657515233819255571420157573
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 3FDB
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9ba0c5bf769f0eb3a0e9f7415e3b4051&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=23836303013657515233819255571420157573
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=23836303013657515233819255571420157573
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=286186938/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.112
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-1-v027-010f8de1e.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
St8GZoVyTdc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=23836303013657515233819255571420157573
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 3FDB 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=286186938/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:15 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=f1285982-ca3f-49e5-8d28-9d224b25660d
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 3FDB
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=9ba0c5bf769f0eb3a0e9f7415e3b4051&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=f1285982-ca3f-49e5-8d28-9d224b25660d
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=f1285982-ca3f-49e5-8d28-9d224b25660d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=286186938/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.126
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=f1285982-ca3f-49e5-8d28-9d224b25660d
date
Tue, 01 Feb 2022 03:54:16 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
tpid=8627758794172146307
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 3FDB
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/9ba0c5bf769f0eb3a0e9f7415e3b4051/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8627758794172146307
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8627758794172146307
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=286186938/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.207
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8627758794172146307
pragma
no-cache
date
Tue, 01 Feb 2022 03:54:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
qmap
sync.crwdcntrl.net/ Frame 3FDB
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=286186938/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20sonichits.com/rt=ifr
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 03:54:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.244
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Tue, 01 Feb 2022 03:54:16 GMT
Server
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=670e61f8-aee2-4d00-9e0e-737cec3cd0b5
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 01 Feb 2022 03:54:15 GMT
user
ads3.admatic.com.tr/ Frame CA3C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=d2d17e31-2696-46b0-b00f-55cdc506595c
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=d2d17e31-2696-46b0-b00f-55cdc506595c
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=457c2c56-6a58-42a6-907f-0851a40479c3&ssp=admatic&expires=30&user_group=5&bsw_param=d2d17e31-2696-46b0-b00f-55cdc506595c
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id=
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=9ba0c5bf769f0eb3a0e9f7415e3b4051
Domain
px.surveywall-api.survata.com
URL
https://px.surveywall-api.survata.com/t
Domain
ads3.admatic.com.tr
URL
https://ads3.admatic.com.tr/user?bsw_uuid=d2d17e31-2696-46b0-b00f-55cdc506595c&dsp_uuid=&dsp_id=

Verdicts & Comments Add Verdict or Comment

739 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| Insticator boolean| isBIT function| __d3lUW8vwsKlB__ number| win_h number| win_w string| hash string| isSuppressAds boolean| is_right_column object| googletag object| slot_right object| slot_lyrics1 object| slot_middle object| slot_top_center object| slot_top_top_center object| slot_bottom object| slot_sticky object| slot_right_sticky function| build_sticky_ad function| build_right_sticky_ad function| build_offscreen_slot function| gtag boolean| isApp boolean| isFBTab boolean| isUpdateCache object| slotsToRefresh object| dataLayer boolean| isInitialLyrics boolean| isJSONInitialLyrics boolean| initial_youtube string| first_yt_id number| initial_fb_id function| insertCss object| lateCss boolean| playerLoaded string| playerVideo number| scrollspeed object| cLang boolean| isSuppressLyrics boolean| isStopAutoLyrics boolean| isAutoPlay boolean| isAndroidApp boolean| isIosApp boolean| isAA boolean| isSwitchingLang number| theme boolean| is_starting_up string| httpHost boolean| isOA3 boolean| isOKO object| allSlots boolean| isAppleAds boolean| fb_width boolean| isAS boolean| isAS2 boolean| isAS3 string| addClass object| p function| urlEncode function| urlDecode function| slugEncode function| slugDecode function| htmlEncode function| htmlDecode function| base64_encode function| numberPadding function| secondsToTime function| ucwords function| inArray function| matchingCharacters function| trim function| preloadImg function| validateFields function| validateEmail function| displayAlertErrorMessages function| validateVanityUrl function| validateSocialMediaUrl function| isRadioButtonSelected function| getImagePrePath function| capitalizeFirstWord function| findMatchInExistingContent function| check_uploading_profile_pic_type function| displayExistingProfilePic function| getProfilePicturePath function| getUserOptionsList function| getUrlVars function| animatePage function| hidePopupTimely function| disablePopup function| setTabTextAndLevel function| setDefaultTabActive function| setActiveTab function| checkAllContentsButton function| hideAllTabs function| hideEmptyTab function| hideTabs function| populateBoard function| setUserBoardAccess function| displaySocialMediaLinks function| getCurrentPopup function| updatePlayingTrack function| trackPlayingFromCurrentList function| displayProfileSection function| adjustBottomPadding function| updateHTML function| setUpPage function| loadDeferImages function| isNearViewport function| showHideCommentContent function| showHideLyricsComments function| strip_html_tags function| getSelectedLyrics string| basePath boolean| hashNavigation string| hashPath string| currentPath boolean| isBackButton string| prevPath string| referrerPage function| hashChanged function| pathChanged function| displayPath function| loadPath function| start_loading_everything string| freshenStr function| getOneDayCB function| getOneMonthCB function| tagImageUrl string| url_protocol function| homeTagsUrl function| homeArtistsUrl function| homeTracksUrl function| artistInfoUrl function| bioEchonestUrl function| artistTracksUrl function| artistAlbumsUrl function| artistSimilarUrl function| albumInfoUrl function| trackInfoUrl function| trackAlbumTracksUrl function| searchTagsUrl function| searchArtistsUrl function| searchAlbumsUrl function| searchTracksUrl function| tagTagsUrl function| tagArtistsUrl function| tagAlbumsUrl function| tagInfoUrl function| tagTracksUrl function| suggestArtistsUrl function| suggestTracksUrl function| suggestAlbumsUrl function| suggestTagsUrl function| trackDurationUrl function| youtubeSearchUrl function| relatedVideosUrl function| lyricsUrl function| lyricsCountUrl function| getAllUrl string| currentPageType string| currentArtist string| currentAlbum string| currentTrack string| currentSearch string| currentTag string| currentImage string| artistImageForOrphanTrack string| prevPageType object| homeTagsXhr object| homeArtistsXhr object| homeTracksXhr object| artistInfoXhr object| artistTracksXhr object| artistAlbumsXhr object| artistSimilarXhr object| albumInfoXhr object| bioXhr object| bioExtraXhr object| bioHeaderXhr object| trackInfoXhr object| trackAlbumTracksXhr object| searchTagsXhr object| searchArtistsXhr object| searchAlbumsXhr object| searchTracksXhr object| tagTagsXhr object| tagArtistsXhr object| tagAlbumsXhr object| tagTracksXhr object| suggestArtistsXhr object| suggestTracksXhr object| suggestAlbumsXhr object| boardInfoXhr object| boardTagsXhr object| boardArtistsXhr object| boardAlbumsXhr object| boardTracksXhr object| userInfoXhr object| boxesMoreAlreadyOpened object| tooltipsDisplayed number| topTabTriggerFlag number| isEmptyPage boolean| isEmptyBoard function| pageAlert function| focusFirstInputField function| openWindow function| openTab function| openPopup function| updateTitle function| abort function| abortPage function| loading function| hideAll function| displayLoading boolean| isInitialLoadOrError number| savePadding function| loaded function| pageLoaded function| displayPage function| error function| displayNoResults function| hideNonLyricsTabsLoader function| hideNonVideosTabsLoader function| hideNonBioTabsLoader function| hideNonCommentsTabsLoader function| tooltip function| fadeImage string| firstTag function| removeHiddenTags boolean| isRetina function| getImageSize function| homeTags function| alwaysHomeArtists function| homeArtists function| homeTracks function| showHideInfo function| translateBio function| setInterfaceBio function| url_domain function| dropDownElement function| doneLoadBio string| lastBioKey function| loadBio function| doneBioHeader function| loadBioHeader function| alwaysArtistInfo function| doneArtistInfo function| artistInfo function| exitRelMode function| showRelatedVideos function| alwaysArtistTracks function| artistTracks function| alwaysArtistAlbums function| artistAlbums function| artistSimilar function| alwaysAlbumInfo function| doneAlbumInfo function| albumInfo function| alwaysTrackInfo function| doneTrackInfo boolean| isTrackBio function| trackInfo function| setQueueCurrentTrack function| searchTags function| searchArtists function| searchAlbums function| searchTracks function| firstToUpper function| alwaysTagTags function| tagTags function| alwaysTagArtists function| tagArtists function| alwaysTagAlbums function| tagAlbums function| tagTracks function| loadAllContents number| searchTypesDone function| updateSearchLoading function| suggestArtists function| suggestTracks function| suggestAlbums function| closePopup function| commentBoxFocus function| setupAlertDiv boolean| playerVolumeTimeout boolean| playerMouseTimeout number| mouseX number| mouseY number| playerVisibleTimeout boolean| videoLastSeconds number| updateTrackStatusFromQueue function| isPlayerUnloaded function| isPlayerLoading function| isPlayerSearching function| isPlayerPlaying function| isPlayerPaused function| isPlayerStopped function| isPlayerFinished function| isPlayNextTrack function| isPlayerMuted function| removePlayerClass function| playerUnloaded function| playerSearching function| playerLoading function| playerPlaying function| playerPaused function| showAdIfNotPlaying function| playerStopped function| playerFinished function| playerFinishing function| playerVisible function| updatePlayerLabel function| updatePlayerProgress function| updatePlayerButtons function| playerMinivideo function| hideShowCursorOnPlayer function| showSource boolean| isPressedPlayMobile boolean| isMob boolean| isiPhoneiPod boolean| isIOS boolean| isChrome boolean| isSafari boolean| isIE function| ieVersion function| initMobile function| isMobile undefined| youtubeHTML5Player function| getVideoDuration function| getVideoCurrentTime function| setVideoCurrentTime function| videoPlay function| videoPause function| videoPlayPause function| videoStop function| videoMute function| videoUnmute function| videoError number| iPhoneiPodAutoPlayCount boolean| isInitialVideoLoad number| lastVideoLoaded function| loadVideo number| last_yt_id_done function| setupYTPlayer function| onYouTubeHTML5PlayerReady function| onIEHover number| autoStartTryCount boolean| isAutoQueueing function| autoStartIfRequired number| startVideoPos object| timer function| onYoutubePlayerStateChange function| clearTimer function| onYoutubePlayerError function| hideSurvey string| playerArtist string| playerTrack number| playerDuration string| playerImage string| preloadPlayerArtist string| preloadPlayerTrack string| preloadPlayerDuration object| queueTracks number| queueCurrentTrack object| youtubeSearchXhr object| preloadYoutubeSearchXhr object| trackDurationXhr object| lyricXhr number| videoPlays function| queueLoaded function| clearQueue function| playQueueTrack function| nextQueueTrack function| prevQueueTrack function| playQueueVideo function| nextQueueVideo function| queueVideoAt function| prevQueueVideo function| queueVideoError function| addTrackDetailInQueue function| addTrackToQueue function| addTracksToQueue function| addAllTracksToQueue function| doneYoutubeSearch function| youtubeSearch function| youtubeSearchCallback function| invalidateThisTrack function| assignVideos function| doneTrackDuration function| trackDuration function| translateLyrics string| lyricsArtist string| lyricsSong string| lastPrepLyricsArtist string| lastPrepLyricsSong boolean| isEverStoppedAutoLyrics function| prepareLyricsButton string| lastLyricsArtist string| lastLyricsSong function| loadLyrics function| handleTopLyricsHiding function| setInterfaceLyrics function| setLyricsCount string| lastVideoArtistTrackLoaded function| setInterfaceVideos function| preloadQueueTrack function| preloadYoutubeSearch function| preloadYoutubeSearchCallback function| preloadTrackDuration function| increaseVideoPlays function| maxedVideoPlays function| showLyricVideos function| scrollToVideos function| showVids function| share function| shareClick object| FB undefined| facebookUserID string| facebookUsername string| facebookGender string| facebookLocale string| facebookEmail function| onFacebookStatusChange function| facebookLogIn function| facebookLogOut boolean| isLoadedInitialAd function| facebookLoggingIn function| setInterfaceOption function| facebookLoggedIn function| facebookLoggedOut function| isFacebookLogged function| facebookShare function| facebookSignup function| fbAsyncInit function| updateFBPage function| showDefaultFBPage number| last_fb_pg_id boolean| last_used_artist function| showFBPage function| setFbPageSource function| getOption function| updateTracks function| selectPlayingVideo function| clicksVideos function| getTopZero function| clicksSkip function| clicksPageTop boolean| isMouseEvent function| clicks function| infoBtnClick function| updateThemeStatus function| openBox function| setInterfaceTheme function| autoExpand function| showAddToBoard function| addSlot function| addAllSlotsToRefresh function| refreshSlots function| refreshForTrackChange function| refreshForTopLyricsHiding function| ajaxUser function| ajaxVideo function| ajaxPageId function| ajaxEmailUserSignUp function| ajaxUserSignIn function| ajaxUserResetPassword function| ajaxSetNewPassword function| ajaxUserChangePassword function| ajaxUpdateUserProfilePicture function| ajaxUserSettings function| ajaxGetUserProfileInfo function| ajaxAddBoard function| ajaxEditBoard function| ajaxDeleteBoard function| ajaxAddBoardEntry function| ajaxDeleteBoardEntry function| ajaxAddBoardAndBoardEntry function| addUserComment function| ajaxAddUserComment function| removeExtraSpaces function| updateCommentBox function| appendCommentBox function| showChildReplies function| ga object| analyticsDimensions function| analyticsEvent function| analyticsDimension function| analyticsPageview function| displayProfilePic function| displayFacebookLoginError function| hideShowUserLogin function| userLoggedIn function| userLoggedOut function| logoutUser function| userInfo function| getUserUidAndUserUidHash function| updateUserCookies function| updateUserPublicData function| updateUserData function| updateUserProfileUrl function| updateUserSocialMediaLinks function| getUserBoards function| getUserPublicFacingBoards function| renderUserBoardsSection string| lastBoardArtist string| lastBoardTrackName function| renderUserBoardOptions function| setUserBoardOption function| getBoardPictureURL function| boardInfo function| boardTags function| boardArtists function| boardAlbums function| doneBoardTracks function| boardTracks function| hideEmptyTabs function| getUserCommentBox boolean| is_fixedvideod boolean| is_ready boolean| is_do_asap boolean| is_just_started_up boolean| is_do_final_startup boolean| is_completed_startup boolean| is_done_finalstartup boolean| is_loading_everything object| rTimer object| events number| readyStateCheckInterval function| onReady boolean| isDoneFE function| doOnFirstEvent object| rEvents boolean| isAllowRefresh function| refreshAllOnNextEvent function| doRefreshNow function| loadAS boolean| is_done_after_break function| doAfterBreak boolean| is_started_yt function| startYouTube boolean| isDoneAdLoad function| initialAdLoad function| doOA3 function| doPhase2 function| loadFBConnect function| doStartupStuff function| doFinalStartup function| doYT function| startupClicksSearch function| startupClicks function| startSearch function| endSearch boolean| is_block_underline function| animateUnderline function| is_minivideod function| isAnyInViewPort function| isAnyInViewPortElem number| nav_initial_top boolean| is_fixed_nav boolean| is_fixed_topad boolean| is_fixed_bottom boolean| is_reset_topad boolean| is_sticky_right_on number| lastTop number| scrollDelta function| doScroll function| slotLoaded boolean| is_no_refreshing object| slotsLastRefreshed function| refreshInViewSlots function| isAdDivVisible function| refreshStickyIfVisible function| $ function| jQuery boolean| isInfoTagsDisabled boolean| isUpdateVideosNow boolean| hideAlertBox boolean| displayProfile boolean| isAutoPlayTrack number| preSelectedBoard number| boardSettings number| isMeaning object| WebFont object| InsticatorApp string| insticatorHeaderCodeVersion object| instBid undefined| stackLineNum undefined| stackLineString undefined| errorLoc undefined| errorMsg boolean| insticatorIframeLoaded object| confiant object| InsticatorXmess object| __connect function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| PWT string| partnerName string| key object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| instBidChunk object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked object| MTQyNGVhNTBhMzk1NGIwMmxvYWRlcl9qcw== string| MTQyNGVhNTBhMzk1NGIwMmNhY2hlZF9qcw== object| googlefc string| __fcexpdef object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| ggeac object| google_js_reporting_queue boolean| apiCache boolean| apiSuggestionsCache boolean| youtubeCache number| tagsLimit number| tagsBoxLimit number| artistsLimit number| albumsLimit number| tracksLimit number| artistTracksLimit number| suggestionsLimit number| videosLimit boolean| forceArtistMbid boolean| forceAlbumMbid boolean| forceTrackMbid string| facebookAppId boolean| debug string| requestUri boolean| isDev string| defaultPic boolean| isPlayHome string| userBoardHeading string| youtubeVideoURL boolean| isInitialPageLoad string| captcha_public_key boolean| isFlex boolean| isDelayFlex string| cf_page_artist string| cf_page_song string| cf_adunit_id boolean| cf_flex object| gaplugins object| gaGlobal object| gaData object| default_ContributorIabTcfV2ClientJs function| __g78fHfh446__ undefined| google_measure_js_timing object| cf object| Honeybadger string| topLevelDomain object| monetized_ad_id object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent97 number| mobileSearch string| parentSearch object| ads_list object| embeds_list boolean| isPageviewSent string| baseUrl boolean| pathChangedOnLoad string| url string| path object| xhr number| limit string| labelArtist string| labelTrack string| lastSelectedBtn boolean| wasLyricsJustOn string| thisTrackArtist string| thisTrackTrack string| thisTrackImage number| thisTrackDuration number| totalQueueTracks number| queueCurrentVideo string| updateTrackArtist string| updateTrackTrack string| updateTrackImage number| updateTrackDuration number| totalQueueVideos string| lastBoardTrack object| json undefined| userIdHash undefined| userId boolean| isPlayBoard string| today object| a boolean| sekindoFlowingPlayerOn object| freewheelssp_cache number| lnt_z object| Adform boolean| __adform_onload function| ADFReload function| ADFCall function| ADFcall number| google_global_correlator object| closure_lm_164661 number| playerProgressDuration

170 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQgd6sm-svCgoI4gEQgd6sm-svCgoI5gEQgd6sm-svCgoIhwIQgd6sm-svCgkICRCB3qyb6y8KCQg6EIHerJvrLwoJCAsQgd6sm-svCgoIjAIQgd6sm-svCgoIngIQgd6sm-svCgkIXxCB3qyb6y8=
.mrtnsvr.com/sync Name: userId
Value: DLuy315fp
.sonichits.com/ Name: language
Value: en
sonichits.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.sonichits.com/ Name: _pubcid
Value: 8f6de36b-db0c-4ead-a1cb-4022d174415e
.sonichits.com/ Name: _ga
Value: GA1.2.1060605773.1643687649
.sonichits.com/ Name: _gid
Value: GA1.2.462759324.1643687649
.sonichits.com/ Name: _gat_gtag_UA_48241384_2
Value: 1
sonichits.com/ Name: cto_bidid
Value: ldhQD19LWHZLU1pXSTR4aThtNGQ1eDVTdkR0RDFXZFlCZ0M2N1VQcmZaYm1UbGxLQldJY2pSVWZxZlNCcGJJc3N3S0hIb2ZtJTJGa0pBWmZmZlJYZGo2a3Niam13JTNEJTNE
sonichits.com/ Name: cto_bundle
Value: 1lc-f180VWZwUXdrdnZ6Skh5RDAlMkZ2Y3A3eEZOc0lhSEUzTzd4Q1pkWGl1ZCUyQkclMkZHVzNsVEFZcDdSU2F0WG9wcm5idkJqMmZOSHhmZzhzOWI2c3klMkZsRk9MQnFCNkpMNEI4dDZyRWtSSWwxZEpSJTJGRm5lNDd2TUxpcnM1UG9vUk1UUCUyRmlSWA
.tunefindforfans.com/ Name: bot_tracker
Value: a%3A2%3A%7Bs%3A11%3A%22ads_counter%22%3Ba%3A1%3A%7Bi%3A1643687649%3Bi%3A1%3B%7Ds%3A5%3A%22isbot%22%3Bb%3A0%3B%7D
.tunefindforfans.com/ Name: CF_ID
Value: f77c2f4da403020d3fec357524a4ed1a
sonichits.com/ Name: InstiSession
Value: eyJpZCI6IjgwNmY1MTM4LWIxNzYtNDVkYS1hYjc1LTYxM2Y2Yzc4ZDM1OSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
sonichits.com/ Name: hb_insticator_uid
Value: c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8
sonichits.com/ Name: ucf_uid
Value: 110aa0c6-b82a-4944-acfe-0ab9511f3ed0
ads.us.e-planning.net/ Name: CT
Value: 1
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s56128|Yfiu5
.e-planning.net/ Name: E
Value: AADDdpHt-SLn32Dk
.adnxs.com/ Name: icu
Value: ChgIkeRYEAoYASABKAEw4d3ijwY4AUABSAEQ4d3ijwYYAA..
.adnxs.com/ Name: uuid2
Value: 5931503064749152372
prebid.a-mo.net/ Name: __amc
Value: 1_1643687649_1643687649
.sonichits.com/ Name: _gat
Value: 1
.3lift.com/ Name: tluid
Value: 2364040295132926877994
.casalemedia.com/ Name: CMID
Value: Yfiu4UXV-pMn0Mb9Zg.AHAAA
.casalemedia.com/ Name: CMPS
Value: 3268
.casalemedia.com/ Name: CMPRO
Value: 1116
.aralego.com/ Name: sspid
Value: 110aa0c6-b82a-4944-acfe-0ab9511f3ed0
.spotxchange.com/ Name: audience
Value: 9c6082f0-8312-11ec-9c89-1cf699440206
ads.stickyadstv.com/ Name: UID
Value: bf473738a36b8768d16b615a2c1d43
.adform.net/ Name: C
Value: 1
.creativecdn.com/ Name: u
Value: G5dNE2nHJFkQJyrEvGuU
.creativecdn.com/ Name: ts
Value: 1643687650
.sonichits.com/ Name: _gat_Insticator_Embed_v4
Value: 1
.adform.net/ Name: uid
Value: 8070419996045664251
.adform.net/ Name: TPC
Value: 1643687650231
.adscale.de/ Name: uu
Value: cf6937bf63e847439fbb39898d3c870c
.zeotap.com/ Name: zc
Value: ea718b20-39c1-4a2a-7a83-c152f9e5b1f3
.quantserve.com/ Name: mc
Value: 61f8aee2-63c78-1114d-840ab
.richaudience.com/ Name: avcid-zeo-uid
Value: ea718b20-39c1-4a2a-7a83-c152f9e5b1f3
.adsrvr.org/ Name: TDID
Value: 59444c0f-47c1-4b1c-a915-855b519598a7
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adfarm1.adition.com/ Name: UserID1
Value: 7059584701594794130
.tapad.com/ Name: TapAd_TS
Value: 1643687650450
.tapad.com/ Name: TapAd_DID
Value: f1285982-ca3f-49e5-8d28-9d224b25660d
.ibillboard.com/ Name: ibbid
Value: BBID-01-03184016504723237-16514424
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 9ba0c5bf769f0eb3a0e9f7415e3b4051
.tidaltv.com/ Name: tidal_ttid
Value: ff4cd8db-85ee-425b-8b51-cea42665a815
.demdex.net/ Name: demdex
Value: 23836303013657515233819255571420157573
.theadex.com/ Name: axd
Value: 4284645146694357158
.theadex.com/ Name: tis_VQL
Value: VQLeAvgv
.weborama.fr/ Name: AFFICHE_W
Value: p3JvzeX-S@qn88
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA0tTK0MAIAFKjyvwkAAAA="
.dpm.demdex.net/ Name: dpm
Value: 23836303013657515233819255571420157573
.doubleclick.net/ Name: IDE
Value: AHWqTUlMFPfm8ee1L0o3L110fPWp3N2Bo5dbmODHQIkP_-MyZvKdwhzR_7yGO7wl79Q
.agkn.com/ Name: ab
Value: 0001%3AsY1GYS9FJoYYcyxNXa7f44Y0ErFMxFic
.mathtag.com/ Name: uuid
Value: 670e61f8-aee2-4d00-9e0e-737cec3cd0b5
.criteo.com/ Name: uid
Value: 7d6fe8ed-9583-40db-97ed-b81b14839a17
sonichits.com/ Name: _lr_retry_request
Value: true
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a550070
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a307080
Value: G5dNE2nHJFkQJyrEvGuU
.console.adtarget.com.tr/ Name: a306708
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a550214
Value: ${USER_ID}
sonichits.com/ Name: _lr_env_src_ats
Value: false
.krxd.net/ Name: _kuid_
Value: OosFYG4x
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yfiu4gAC2316UABH
sonichits.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2259444c0f-47c1-4b1c-a915-855b519598a7%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-01T03%3A54%3A10%22%7D
.sonichits.com/ Name: panoramaId_expiry
Value: 1643774050744
.adscale.de/ Name: cct
Value: 1643687650952
.console.adtarget.com.tr/ Name: a307565
Value: cf6937bf63e847439fbb39898d3c870c
.console.adtarget.com.tr/ Name: vmuid
Value: fb128a26b79083a1
.console.adtarget.com.tr/ Name: a307442
Value: AADDdpHt-SLn32Dk
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1643687651132
.m6r.eu/ Name: id
Value: 449678f43063631e9634c7e685c77050
.ih.adscale.de/ Name: tu
Value: 4#4229098681#48~449678f43063631e9634c7e685c77050~456579~0~0#101~BBID-01-03184016504723237-16514424~456579~0~0#38~CAESEMqFba0L-UCy3jSWpkMiiUQ~456579~0~0#39~670e61f8-aee2-4d00-9e0e-737cec3cd0b5~456579~0~0#40~7d6fe8ed-9583-40db-97ed-b81b14839a17~456579~0~0#42~8070419996045664251~456579~0~0#75~5931503064749152372~456579~0~0#63~Yfiu4UXV-pMn0Mb9Zg.AHAAA&1116~456579~0~0
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 5cd954eb54859a62355d68180fae9f1a594237dad0b93ebb7a83a9787ee34388
ads.stickyadstv.com/ Name: sessionId
Value: 2c7980e812f3c569a7020605fcd10eb
.console.adtarget.com.tr/ Name: a314221
Value: ncfWQhK7o2jF_PU4ihz4ETLFU6NyiNTUQuJ5sKiNFnzV43iuU_7XqTdCu7zti50nD3MrUYXLpeKAlMGKzbot1g
.fwmrm.net/ Name: _uid
Value: "l134f_7059584705884726182"
.eyeota.net/ Name: SERVERID
Value: 20801~DM
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l134f_7059584705884726182
ads.stickyadstv.com/ Name: MRM_UID
Value: l134f_7059584705884726182
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEFoCRoEZRfzgBwosANUDGN0
ads.stickyadstv.com/ Name: uid-bp-892
Value: 59444c0f-47c1-4b1c-a915-855b519598a7
ads.stickyadstv.com/ Name: uid-bp-951
Value: 5931503064749152372
.yahoo.com/ Name: A3
Value: d=AQABBOKu-GECEL8Mkhe7HBIVjYK6XOmdN3EFEgEBAQEA-mECYgAAAAAA_eMAAA&S=AQAAAgj_9L5oYVbagnZR1aUA-VY
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-fr6EgRhE2oO1VTHDukQX3PwyGhA3JzciapNKP5lT~A
ads.stickyadstv.com/ Name: uid-bp-529
Value: 670e61f8-aee2-4d00-9e0e-737cec3cd0b5
.bidswitch.net/ Name: tuuid
Value: d2d17e31-2696-46b0-b00f-55cdc506595c
.bidswitch.net/ Name: c
Value: 1643687652
.bidswitch.net/ Name: tuuid_lu
Value: 1643687652
.erne.co/ Name: u
Value: Lbz5OTBYyzWQRwUhg77wYP2q
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: b608b833b8d7176f7807effc6cc5bb8095b5db90573f1f3ed0337b11b6309782
.w55c.net/ Name: wfivefivec
Value: Ocn3Cw7e1NeKfa5
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: Ocn3Cw7e1NeKfa5
ads.stickyadstv.com/ Name: uid-bp-617
Value: 8070419996045664251
.casalemedia.com/ Name: CMST
Value: Yfiu4WH4ruUA
ads.stickyadstv.com/ Name: uid-bp-45
Value: Yfiu4gAC2316UABH
.lijit.com/ Name: ljt_reader
Value: 92d459ab911038721e233b8c
.a-mo.net/ Name: amuid2
Value: 6a931c91-7038-4c9a-899b-b749e9a7ea20
.admixer.net/ Name: am-uid
Value: 7b259baefcab453787711792a7e19010
ex.ingage.tech/ Name: instUid
Value: c22a13c1-5e7a-43a9-8ecd-07db89f2d1d8
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.casalemedia.com/ Name: CMRUM3
Value: e661f8aee22760&dd61f8aee22760&2e61f8aee505a0&2d61f8aee22760CAESEIRmWx20kgNpQfz64XxslUc&5861f8aee505a0&9861f8aee22760d50cac91-9524-4e91-bf6f-d6e31084eb0d&5161f8aee227600ag9nYb8PpfKr2jG0KF2lNaob8HKoW-VhvtgH2wY&f161f8aee205a0&bc61f8aee505a00&2761f8aee20b40&da61f8aee52760&3361f8aee505a0&0d61f8aee52760%7Bamob_user_id%7D&4161f8aee205a0&ce61f8aee505a0&4961f8aee505a0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 08F6A4C4-E2F6-4412-9D16-320F6F86208E
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156631:2
.pubmatic.com/ Name: DPSync3
Value: 1644883200%3A197_219_201%7C1643760000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1646265600%3A203%7C1644883200%3A13_54_22_81_204_220_161_7_88_230_99_222_3_55_176_165_233_238_21_56_8_71_234_166%7C1644537600%3A63%7C1644278400%3A2_15_223%7C1644969600%3A35
.quantserve.com/ Name: d
Value: EPwBEgGrJfijC_vLEA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yi~22zf:18z8~22zf"
.bidr.io/ Name: bito
Value: AAq28U7D8V4AAGQX9Q76GQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.taboola.com/ Name: t_gid
Value: c82be9ec-c8c0-404b-80ce-b6acec0e4f7b-tuct8f23465
.bing.com/ Name: MUID
Value: 125D29B36A1E602F1742388D6BCC6186
.bidr.io/ Name: checkForPermission
Value: ok
.360yield.com/ Name: tuuid
Value: 3d158837-9bfd-4f41-b7cc-4e0ee2dc7033
.360yield.com/ Name: tuuid_lu
Value: 1643687653
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-05dcf6da-17ae-4824-9868-537bd0596a78-003%22%2C%22nxtrdr%22%3Afalse%7D
.admanmedia.com/ Name: admtr
Value: ed9fe1139178481f1b1dbd3c68925cea524d8bdf
.simpli.fi/ Name: suid
Value: DF8CD24353B74481AD5E1A55A7F37389
.turn.com/ Name: uid
Value: 8627758794172146307
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Yfiu4gAC2316UABH&KRTB&22978-Yfiu4gAC2316UABH&KRTB&23194-Yfiu4gAC2316UABH&KRTB&23209-Yfiu4gAC2316UABH
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:670e61f8-aee2-4d00-9e0e-737cec3cd0b5&KRTB&16736-uid:670e61f8-aee2-4d00-9e0e-737cec3cd0b5&KRTB&23019-uid:670e61f8-aee2-4d00-9e0e-737cec3cd0b5&KRTB&23208-uid:670e61f8-aee2-4d00-9e0e-737cec3cd0b5
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-59444c0f-47c1-4b1c-a915-855b519598a7&KRTB&22918-59444c0f-47c1-4b1c-a915-855b519598a7&KRTB&23031-59444c0f-47c1-4b1c-a915-855b519598a7
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7059584701594794130
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8627758794172146307
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8070419996045664251&KRTB&23263-8070419996045664251
.de17a.com/ Name: guid2
Value: 1.1177796469199382528
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-05dcf6da-17ae-4824-9868-537bd0596a78-003%22%7D
.pubmatic.com/ Name: SPugT
Value: 1643687652
ads.playground.xyz/ Name: connect.sid
Value: s%3A7W2eW1xLMpRHdAbLBf1p2XD7648pWyQ5.VIcR8JSKvBGwO4PTmZq2iVicgPy2q%2B5By%2BhhYKFY4No
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-05dcf6da-17ae-4824-9868-537bd0596a78-003
ads.avct.cloud/ Name: uuid
Value: 4036ebeb-d23b-49bc-a86e-4519b621df76
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&9ef36b1e-b343-48d5-8bef-cfc382f1b6cf"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDM2ODc2NTM7MjswMjGmfEFLEK9tDgGZZAUFUktdDBYexSW226Z7ZNvw2q75Hw==
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2634:u=1:x=1:i=1643687653:t=1643774053:v=2:sig=AQE4a97yJA26WKGYwKN4ndWJ6CnXSh9Q"
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d2d17e31-2696-46b0-b00f-55cdc506595c
.aralego.com/ Name: gdpr
Value: 1
.onaudience.com/ Name: cookie
Value: 5e05c569749a91c2
.onaudience.com/ Name: done_redirects104
Value: 1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 032863f55a5f3c52
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwiWkt7fp9CyOhAFOAFaB3J3dXE5bnlgAg..
.tribalfusion.com/ Name: ANON_ID
Value: acnseFr2PKcFuYnRYa72ZcmNE6nSZdrbFfIIZdsJZc5HBYRNyoTuNOSam6xIfNgDdGBgAYW6ZbJ3roPPffyNDB53D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ead588d4-b9b4-49ae-57fd-69780239b0d0.D9%2B2bp1LVr7%2Bwqxtceq7iM42%2B%2FPgh%2FmQEZqsuwZ%2Fo04
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-ead588d4-b9b4-49ae-57fd-69780239b0d0%24ip%24185.213.155.163.E15YrB5SNCQePEwuLj8Sx4QMpYGcos%2BYVKkalKEExBg
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-6tWI1Lm0Sa5X_Wl4Ajmw0LnVm6M
.onaudience.com/ Name: done_redirects219
Value: 1
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsExKNEg2TUozN7NMM0hNMk40SLVMMzcxNE01TjIxMDVkAILEH%2Bue%2Fv3%2F%2Fz8%2FiAMBANfuEAI%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI%2FLHuKZCCAgAj9wLt"
.bfmio.com/ Name: __106_cid
Value: 59444c0f-47c1-4b1c-a915-855b519598a7
.bfmio.com/ Name: __io_cid
Value: 59444c0f-47c1-4b1c-a915-855b519598a7
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-Lbz5OTBYyzWQRwUhg77wYP2q
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1177796469199382528
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEDdxrALkoqiCb2aWzwwc1a0&KRTB&16514-CAESEDdxrALkoqiCb2aWzwwc1a0&KRTB&23025-CAESEDdxrALkoqiCb2aWzwwc1a0
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-PI1aK2vZWSEnig9wPYQRIjuNCHcnhAgja94BajM0&KRTB&19420-PI1aK2vZWSEnig9wPYQRIjuNCHcnhAgja94BajM0&KRTB&22979-PI1aK2vZWSEnig9wPYQRIjuNCHcnhAgja94BajM0
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5931503064749152372&KRTB&23339-5931503064749152372
.pubmatic.com/ Name: PugT
Value: 1643670499
.zeotap.com/ Name: zsc
Value: %B8%3B50%C4%7C%E7%15T%86%9EqK%A7%A8%B2%DD%D6%FB%D1%E0%BD%B8%EF%F6lJya%E5jW%F8%0C%8A%AD%B2%903%F8%B0%C9.%3D%E9%A1%EA%AA%E9jxO%22%80%92%7C%0E%1A%3D%0E%97%1Ax%24%CE%B0%2F%0B%0D%C7lO%BB%A2Z%28%BFT5-9%09X%8D%D0%93%8C%1Aq%EB%A5%C0%BF%95k%1CI%1Co%E1%94F%078%A0%C6%5B%FAL%29S%DF%BEj%98J%29%FC%D5%9C%B6%FA%99%28%EA_%90J%1ELx%A5%08%11p~%9BE0-%99%9EP%1E%A6%60%A8%F3Y%8D%2Bm%CB%D6gF0%D0F%BDs%1B%928_%C2%E9%F1
.adsby.bidtheatre.com/ Name: __kuid
Value: e9137f87-11a3-4877-bbcb-c6347e272934.412901654
.pubmatic.com/ Name: PUBMDCID
Value: 3
.audrte.com/ Name: arcki2
Value: 33lWuQgnsCRTieTgo4Xt62eqQ!20210804!1643687654811

16 Console Messages

Source Level URL
Text
javascript warning URL: https://srv.tunefindforfans.com/fruits/apricots.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://srv.tunefindforfans.com/showads/adunit.php?id=100004491&di=&subtag=&search=&artist=The%20Weeknd&song=Sacrifice&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1643687649056, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://srv.tunefindforfans.com/fruits/apricots.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://srv.tunefindforfans.com/showads/adunit.php?id=100004491&di=&subtag=&search=&artist=The%20Weeknd&song=Sacrifice&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1643687649056, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://srv.tunefindforfans.com/showads/adunit.php?id=100004491&di=&subtag=&search=&artist=The%20Weeknd&song=Sacrifice&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fsonichits.com%2F&t=1643687649056
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://live.primis.tech/live/liveView.php?s=108853&schain=1.0,1!bandsintown.com,1893,1&cbuster=16436876490727, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.43.4
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2364040295132926877994
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://tags.bluekai.com/site/87734?id=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ea718b20-39c1-4a2a-7a83-c152f9e5b1f3&reqId=72f737b0-4cc0-4f7b-788a-860c392bd23b&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://match.prod.bidr.io/cookie-sync/syn?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=DLuy315fp&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=9ba0c5bf769f0eb3a0e9f7415e3b4051
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://px.surveywall-api.survata.com/t
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
adx.adform.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
auth.instiengage.com
b1sync.zemanta.com
b2c.insticator.com
b2c.instiengage.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
biddr.brealtime.com
bn01.er.bemail.it
c.amazon-adsystem.com
c.bing.com
c1.adform.net
casale-match.dotomi.com
cdn.admatic.com.tr
cdn.adnxs.com
cdn.aralego.net
cdn.clickfuse.com
cdn.districtm.io
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.instiengage.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
core.iprom.net
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d.turn.com
d3lcz8vpax4lo2.cloudfront.net
d5p.de17a.com
df80k0z3fi8zg.cloudfront.net
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eua.instiengage.com
eus.rubiconproject.com
event.insticator.com
event.instiengage.com
ex.ingage.tech
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
fundingchoicesmessages.google.com
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
global.ib-ibi.com
green.erne.co
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.e-planning.net
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.youtube.com
insticator-d.openx.net
insticator.technoratimedia.com
inv-nets.admixer.net
js-sec.indexww.com
js.adscale.de
js.cookieless-data.com
lastfm.freetls.fastly.net
live.primis.tech
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
match.taboola.com
media1.giphy.com
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-geo.s-onetag.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
product.instiengage.com
protected-by.clarium.io
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.surveywall-api.survata.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
sonichits.com
spl.zeotap.com
srv.tunefindforfans.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.instiengage.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.bfmio.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.intentiq.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tag.1rx.io
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
uat-net.technoratimedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
video.primis.tech
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
ads3.admatic.com.tr
global.ib-ibi.com
match.prod.bidr.io
px.surveywall-api.survata.com
104.111.215.191
104.117.200.100
104.16.190.66
104.17.120.107
104.36.113.17
108.157.4.42
129.159.70.95
142.250.184.194
142.250.185.194
146.0.227.109
147.75.38.124
150.136.26.45
151.1.205.165
151.101.129.108
151.101.130.49
151.101.193.108
151.101.193.194
151.101.65.44
152.199.22.191
159.65.197.210
162.210.196.208
168.119.146.39
169.50.137.182
178.162.133.149
178.162.133.150
178.250.0.157
178.250.0.163
18.156.0.31
18.168.101.220
18.197.251.199
18.203.74.39
18.66.112.41
18.66.139.46
18.66.97.88
185.183.112.155
185.184.8.65
185.220.204.204
185.29.132.241
185.33.221.217
185.64.189.110
185.64.190.78
185.64.190.81
185.86.138.122
185.93.1.242
185.94.180.126
188.132.147.235
195.5.165.20
198.148.27.140
198.47.127.20
199.115.117.82
199.187.193.193
199.232.198.2
2.18.233.201
2.18.234.21
2.21.111.28
2.21.141.175
2.21.142.210
2001:678:cb4:bbbb::11
204.237.133.116
205.234.175.175
212.115.110.216
212.82.100.182
213.155.156.182
213.19.147.42
213.19.147.45
213.19.162.80
216.52.2.39
23.37.42.132
23.88.75.189
2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9
2600:9000:223d:f600:9:78a:e540:93a1
2600:9000:224a:1c00:1c:386f:ec80:21
2600:9000:224a:1c00:f:4f64:8940:93a1
2600:9000:2315:5800:10:3422:3f00:21
2600:9000:2315:c200:17:5bae:c7c0:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:1b7
2606:4700:20::681a:22c
2606:4700:20::ac43:47fe
2606:4700:3031::ac43:d645
2606:4700:3039::6815:c08f
2606:4700::6812:d05
2620:112:f006:bbbb::16
2620:116:800d:21:3175:5196:e3fd:8c1d
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2016
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9c
2a02:2638::1c
2a02:fa8:8806:12::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::591
2a04:4e42::300
2a05:d018:24:b001:c5b2:6467:3d71:6a2f
2a05:d018:d29:3605:ccb:acde:da2f:31fc
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.127.178.105
3.210.11.204
3.212.173.197
34.102.163.6
34.102.253.54
34.120.133.55
34.149.20.76
34.192.55.191
34.199.204.104
34.245.154.233
34.254.143.3
34.255.158.76
34.98.64.218
35.156.100.230
35.157.38.3
35.158.25.241
35.186.253.211
35.201.81.244
35.227.248.159
35.244.159.8
37.157.2.248
37.157.3.29
37.157.4.24
37.157.5.142
37.157.6.251
37.252.172.123
37.252.172.249
38.27.122.126
46.249.52.248
5.178.65.246
5.178.65.252
51.158.28.82
51.222.80.231
51.75.146.200
51.75.86.98
52.17.153.244
52.19.22.209
52.22.106.223
52.22.84.205
52.222.210.175
52.222.214.42
52.223.40.198
52.31.13.93
52.46.154.242
52.72.173.84
52.84.90.11
52.95.126.160
54.144.85.208
54.167.5.236
54.73.168.5
54.76.155.32
62.149.0.72
62.209.227.211
66.155.71.149
66.155.71.25
67.202.105.21
69.173.151.100
70.42.32.31
72.251.241.206
72.251.244.142
76.223.111.18
8.2.111.137
8.39.36.141
85.114.159.93
87.98.228.78
89.163.159.106
03d6531272bc6ea9f46bb22f939fed9f61c34bc34036fdb43de6e6cbd8932ca8
04707005e04ea48b90c93e8ff1a0ac6e2b5be4b733579c9a683a3e3cc0e89bfb
067b91dd9e8491f48d0206f420632fed4632c201b7ecc544452db3f6839ec83b
069fa425bdbf13039ef386d38f28669f14a4ce2ab4c80fb343b68616c8dd63e5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0771fd95016ce644415371f0276cf12cf266625dbb489b1e7577f4cfe57ec9e8
09a6d59f29991351a3146cbc0dfb7c6104ae603120337b7ec05da94c703493da
0a3868c61ca885220fcbe768210f995e928e578050c68a425acd82688adba5be
0ade01fc1039783b8856963a06bc1013101747fc7f28b66710f2989f94220b57
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcee2446f8299d948a41b137b2c52f37bbed3f15db0cb5382551339d6eab432
0bdb28f3da9b2dc45c5347673a4d74d9917647a6d9389b789d8518e765bced98
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
1121966eef3bbe6e63d5605c2386a620b6aa6e834276437b50d4df3bed193059
136ddf394493465215aa32a08a1725c1ec56e73808070bf34d275a2ea5276c30
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
16bbcc589751232ea40d779a89c549d5399e838956d0ccc7beb41c2a24e76123
1794779f1a4fb70a636d0a4ebe0fdd403095d091231210e2cacdf9166629ddc1
17c58acb7c55041f8df39903deb382768ef4b5ca697bbc54fd64e67c6a0ee032
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
193a42b6ed1ed56af5c65a73ada2affb24534d533f7d697f7cddf5f4c7c05fe0
1d1421065363bb256da771d1bf8cac06582efa02688c080b9ccd1b9a746c37f1
1f24961257ca243c8c2ce1ff5825867d8d74981e0e24356e5503cf101fae6505
201bafab5849bf14177185387bbc0cb88c09c62cc8d4d07fe766b0cb7d897eea
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
208d803b1e84d2b1017f3740070270801590cebe44a04e381812203fc9379bd2
20d0e07d01f4bd7a60486200c8b0882aac55bb48326117ae23a0ce91bc061a91
2126e9d02d5b533c4462365017448f72ec413879c7b94c78c27cc6e5bc3fea97
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
281ed0393f041e551a88ed3152eeab17551acb4503625c0d56aeeabc6aca7688
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd62c74124ee696f88f9d211ef313dae2a3c8305b19d82de9f3fe0b06abe796
2c3a5e95f67f4eb3c4169ce4d9c9d5af3f65fbb8c078109552c566df80823bf7
2db94632401f3d331de21fbdb6a8db8f2fb2daac228feb56ea14f613c4a83024
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3e43a69b0b23abe6903d48246d901a0333dc65f4d0a3092d16fb43a0ca9703
2ea17ed925f622cafde6043a986aa6a73596846b691d37abcd2293e37ad337f5
2f4c8aa18adcd43ea491199764b7d818b9c5c68bd0691c940c4fde3aa6bae877
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd1b553f65628b5f74e04e95a6738e7fd45ae5b808a3e8fe295e3a6121fc5f1
2ffa5ae20557d6536234c1c41cb63a8de719fa622b97f82109869bc9042f4112
3155cd449a2085846e620747cc4f30dbf639cfcf5f4211e1c7224043e8806d45
31d37c63b368feb042b61d6af4b25aa5bc761ece3dd73a4b9dd69afe650f1e8c
34a4ce20fbf0912702b627e6bdf3e5efa91ad2eadb56fa016a7f5068413a438d
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3c423e674638442afef985aa2c86864d7238a30af166f3a9d6b05c3ea4b90035
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
414a1a2d9428825f15596c5a8ed05c076da4242ad07c8a2843a58e9bbd763f26
4269982cfebfce7f46c98b72859a6cd7272db6e7e567e714af3ca8339c4ec49a
468bd6764eff264452e2cd22f06d3ccb569941caceff828cd1bc0374a4774eff
47a0a1b737e77a4a0f73e5e30ee6bcc73a09c2f532704d88d36bdc3d0dbda5ba
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
481f91bab5bfe29d46a7c0890dc6d1780018692ef4920bf441db8b18698700a1
48384aef5e51c4ebf280ea528ab1990cf84396162d73dc706046b7b0387517bc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49b480e0fc70d5f129fbc2a0d69c232b70e61c16d1a64b2d86f5fe5ef6ec427f
4aaa273d9d55db2a5558af6a893500f7a8884d4f21ddb3117d8832c9d5005612
4c2d4526697d52f6d28409419eeb39b3b9051dd5103fd86ebf73852aff365ffb
4cc37bc5759f695289a17d805ea8a9bf1c8f2f86114913681257ceab355a3bc3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
5032d3c1cb70ad1606485c62389e0c68f77ae4c209d0d2e8c99beb0458dcc967
537f20031f37cc91a323366338e238058b5ae4b81ef61048d58b743fe6b59a05
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
59fce0e5467af585c1a1a438682aa4eefc9b8d7c2dedd34ca408057d6e69366f
5a77c28d6035684d06bcad4bd1c78601869b55b043c82bf13a913f643dc27146
5b5da262b5f028a42707a671274f90ae3bae51974519325584fcec78762b779b
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5cb200de113f12a3afed5d5c7ea85276b402f32ff19bd8732cce5a997192235b
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5ea321d799e3ff43961ab684a14e65597b43c744a90238064f9bfc8e3c626916
5fb143acb6c2530794155476810cebbd511a5b51399ae7ed92f77e6bf7d2cf55
609a5f132029b6f636b23a4b54c1f670f5aa86a7de5812c203f8dc253e047c64
61997e67cda6605b2e0762371d54b823af2f519eb37eacd10e721204125e28be
61d0263353c00ba2b8364f60f9a8276afbb7fbab8781298097fd2325527c8517
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
63d81293bdb83db456c23b8fbfcd89c5d88a7637b5c3f2625f24f618f54f6293
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
669ce35bff6bd7fef207553f8637d144c45742e870e5e01744c57870b63d943a
6720100f58e20389c3add680bb69f6b1d4c894e34750aa263ac79940b43f4b5a
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
68df69379bde4eb5a643cd80170bdeeb7868c26a7b5953960c77c737e5cdf35b
68f33925cd632dd5a3653cfcdd240a401cc83a96453650269b8f785438f394d1
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
69fa96ddf7d8a75e81ee6d9620e3dcee3fc235557811f6f0b38344a064621d43
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
714aca0164a2204fd1ff38fced9863ee7117db122be51cf725b277d90e66f452
72265c5f43ccec47936ea58e4c6d541c582ff0b504361fb9320204834030beec
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
781534fec9ccfcd8df533225aa78007ba942d3649dd1f4cea27f002fd38c2618
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a
7c2d8f0cc351c3db28e3e112332ae175ca55c326a18e9db8ee2608186489705a
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
80c3b0bb3843e2e6e04ae445d0096615e1d11172c1959e6b7c49094e25498238
820bca33b119d8646f06dcc9b754e52651aebf53f72bc98b2c700b1e36d8d77f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2
83f29db414a40f2f956726cee20099b4efdaf5002f915efc36928e4bdbca190d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
87c1a1544e82e3cbd5669f3779c532bbc3294e582807d52aa9bb0463d9dbf36b
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d942962a01c4c93cf18a83256e0d5247c7818fb544153f020d566bdbb0e7b1f
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9362d229102d521679ee89cd31fa75bb6c2dde24d66c050262f5fc2c14e3d15e
94d2a42ab331781032ea9e3963d846efb4ce0a2f0b7e7c38181e505848aedcb5
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
9846ee922dce007acfbf9975c01a92e41e5917f7eaff02de364becb337e56aea
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99658b1219669a31f914e23a5732619f6c350650a1dec64fb00e058a5fc9dd68
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cd82a16c99adaca8e8f468f454a2a5d8910747f984a288f6e4d5cf07c4eb3ec
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20f90e11639ad795b66015af8021746e1521e4c4afafcc0d335c936c33e11e1
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a566ffc37f2f21ae0ac468ff2353d8a58b738bb472432ebc024bfb0092976e7a
a6e164ec87dafa0b43317a99b4912b38c43712d255beb48d79c91ad9ce37ecab
a70bc118863cd5964f9964c89f134894800f253b9e41ec684c0054dbffb21e46
a76e922fc7e20cc18cc00d33a45194fa199bf7000998bc184d919ccf35c1e83b
a9c97ad607ee15393bf20e97304590bfefe3c1bb75d1028e6f6b58a2d997bb64
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3d53ed27cdc38447919a51a6ab9de8b68d6d257c138dddf4adb2cccb2eff24d
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b51cb0cd905a52c2e123bb6cfe99a60eabcebf88dbc26594e435c5d53f6a8af1
b65d811829733883aa5577cf3396c91bd3be7e181348740ddf1f2a193a429d95
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd
b9d25539bcb164a14ea93a0e6e42a4bcc301997dac47eff54a51d04af796f4a1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc29cf9c75a84308daee78ae9fc27d711a583b50184c5931c41311325a4443fa
bc9ae2a6e821a0f3ba11ed872830e2eb7441c61c9ab9b388fff4119a257839d8
bd25162bd79a386d9fc8dccdc0cf3b5d39e858786a7abf0cc2308621eea52334
c06789e2affc2b5ecfdfb35d1cc9f2d766bdd995cb10d9e7257609503e282aa4
c0f7b4bbf3e4fcea26e790ff48c8d3fdd03399979d871d05c7f22885cdb9baea
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c33c999bcf12767082b2255c01d4b3fd906906aa2b10293524007f035517a8bc
c44ce254de13f32686a947f940aaca6f4dd5dcc249299e317d691f481728353a
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bdffc356ed0615540f4cac598814aeb24dbfe2a3ae87c5292dac0dfd35db20
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2845cabf9c5cdc91fce9a638ed5d0da542e6987b18eafdaa5338b4e8e27ac3f
d3ab4e4f2a0c477f0adf2ed54beb8f1a80cca30bd9769f732682cea51724d723
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d614d0c48799621b4301a34a64082f6adbe66439a52aa5ab2541c1704ea43f98
d685aacbfdc4b9019d05c149697b612f4dac768d20fbb40d38b461943cd5dd7a
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde00a179a925a4ecd7c05fdc69ac2ec0d45e29391767ee85b8fd671448a8f08
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
e85515e4b923f8f48af58d1036e7478fd4b119338548a8ef2c435e39df491a34
e9472a765aaa6c8bf119aabbdb0803855eb04472e054a5b567d2c8b8156a306a
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ec469f8d265e67b6eaa8c7797976d9763a36ecab9adcb25c6cc3add8015a7158
ecdc9ce783348836e3d200a44a3fb945e65bce418a9dd572884319b838f34aa8
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f72b7dcebfcde682a2555279d9c93980c87fb4dd88ee1a2ce05f23d8df0c58db
f8391de0f0cad42cb92cac80ddcb8626067930506679f2cc3655240e3912ca37
f89dbddf559988866ea9bb008354630f0f7fd9f82eb208ff5cac609808aaeb68
f8ffa52c4542ba54b0a20cf88b256462b35b538197559923ffc3e8aca5825191
f906bbd738834722cd04bd568b0269819071ab15365c2bb3d83f098507f84b1b
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb