urlscan.io logo urlscan.io
SecurityTrails logo

www.logicuser.de Open in urlscan Pro
185.243.11.13  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.logicuser.de/
Submission: On October 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 10 countries across 52 domains to perform 177 HTTP transactions. The main IP is 185.243.11.13, located in Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is www.logicuser.de.
TLS certificate: Issued by R3 on October 10th 2021. Valid for: 3 months.
This is the only time www.logicuser.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 185.243.11.13 197540 (NETCUP-AS...)
2 49.12.19.106 24940 (HETZNER-AS)
1 104.111.237.122 16625 (AKAMAI-AS)
3 23.37.42.132 16625 (AKAMAI-AS)
2 14 104.111.218.85 16625 (AKAMAI-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 18.66.109.174 16509 (AMAZON-02)
4 142.250.184.226 15169 (GOOGLE)
2 151.101.129.194 54113 (FASTLY)
3 4 18.194.4.47 16509 (AMAZON-02)
2 2 99.80.151.46 16509 (AMAZON-02)
11 32 142.250.186.66 15169 (GOOGLE)
2 2 2a00:1288:110... 34010 (YAHOO-IRD)
4 11 185.33.221.89 29990 (ASN-APPNEX)
6 9 2.18.234.21 16625 (AKAMAI-AS)
3 7 76.223.111.131 16509 (AMAZON-02)
5 5 185.29.134.244 30419 (MEDIAMATH...)
2 8 34.98.64.218 15169 (GOOGLE)
1 2 107.178.241.34 15169 (GOOGLE)
2 37.157.4.25 198622 (ADFORM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.210.58.154 19527 (GOOGLE-2)
13 104.26.6.39 13335 (CLOUDFLAR...)
1 35.156.28.35 16509 (AMAZON-02)
2 2602:803:c004... 26667 (RUBICONPR...)
1 35.158.25.241 16509 (AMAZON-02)
1 178.250.2.131 44788 (ASN-CRITE...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 195.201.62.39 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 151.101.194.49 54113 (FASTLY)
1 2 159.253.128.183 36351 (SOFTLAYER)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
3 3 213.155.156.165 1299 (TWELVE99 ...)
2 3 185.64.189.115 62713 (AS-PUBMATIC)
2 142.250.185.194 15169 (GOOGLE)
2 7 76.223.111.18 16509 (AMAZON-02)
1 104.17.120.107 13335 (CLOUDFLAR...)
1 151.101.129.108 54113 (FASTLY)
2 2 2620:116:800d... 16509 (AMAZON-02)
3 4 37.157.2.234 198622 (ADFORM)
1 2620:119:50e1... ()
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 209.54.176.128 16509 (AMAZON-02)
2 2 64.202.112.31 23352 (SERVERCEN...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 35.186.238.175 15169 (GOOGLE)
2 2 185.86.139.89 201081 (SMARTADSE...)
3 7 69.173.144.139 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2 18.185.163.58 16509 (AMAZON-02)
2 2.18.233.180 16625 (AKAMAI-AS)
5 185.64.189.110 62713 (AS-PUBMATIC)
1 1 178.250.2.151 44788 (ASN-CRITE...)
4 185.64.190.80 ()
1 185.64.190.81 62713 (AS-PUBMATIC)
1 2 51.210.112.63 16276 (OVH)
2 2 54.78.254.47 ()
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 1 185.33.221.13 ()
1 1 185.183.112.148 ()
177 59
3    185.243.11.13 (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: rw0b0d.webhosting.systems
www.logicuser.de
2    49.12.19.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.19.12.49.clients.your-server.de
cdn.netpoint-media.de
1    104.111.237.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-122.deploy.static.akamaitechnologies.com
cdn.mookie1.com
3    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
eus.rubiconproject.com
14    104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com
ad.yieldlab.net
2    2606:4700:3032::ac43:bb58 (United States)

ASN13335 (CLOUDFLARENET, US)
ubn3k2x9bfd2yw3n3.ay.delivery
4    18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
4    18.194.4.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-4-47.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    99.80.151.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-151-46.eu-west-1.compute.amazonaws.com
r.scoota.co
32    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
11    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
7    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
5    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
netpoint-d.openx.net
eu-u.openx.net
2    107.178.241.34 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 34.241.178.107.bc.googleusercontent.com
d.nativendo.de
2    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    35.210.58.154 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 154.58.210.35.bc.googleusercontent.com
orbidder.otto.de
13    104.26.6.39 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    35.156.28.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    35.158.25.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    195.201.62.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.62.201.195.clients.your-server.de
api.assertcom.de
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
15    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
3    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
7    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2620:119:50e1:101::6cae:b25 (None, )

ASN- ()
px.ads.linkedin.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
b1h.zemanta.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    35.186.238.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 175.238.186.35.bc.googleusercontent.com
de-gmtdmp.mookie1.com
2    185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    18.185.163.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-163-58.eu-central-1.compute.amazonaws.com
ice.360yield.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (None, )

ASN- ()
loada.exelator.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    185.33.221.13 (None, )

ASN- ()
secure.adnxs.com
1    185.183.112.148 (None, )

ASN- ()
sync.adotmob.com
Apex Domain
Subdomains		 Transfer
30 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
189 KB
19 googlesyndication.com
43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
96 KB
15 pubmatic.com
image6.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
27 KB
15 2mdn.net
s0.2mdn.net
266 KB
14 yieldlab.net
ad.yieldlab.net
8 KB
13 smilewanted.com
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
22 KB
13 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
28 KB
12 rubiconproject.com
ads.rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
44 KB
9 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
8 KB
9 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
8 openx.net
us-u.openx.net
netpoint-d.openx.net
eu-u.openx.net
2 KB
7 adsrvr.org
match.adsrvr.org
3 KB
6 adform.net
adx.adform.net
c1.adform.net
2 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
40 KB
5 mathtag.com
sync.mathtag.com
3 KB
4 4dex.io
script.4dex.io
mp.4dex.io
24 KB
4 bidswitch.net
x.bidswitch.net
2 KB
3 de17a.com
d5p.de17a.com
1014 B
3 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
1 KB
3 logicuser.de
www.logicuser.de
64 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 360yield.com
ice.360yield.com
646 B
2 smartadserver.com
sync.smartadserver.com
1 KB
2 zemanta.com
b1sync.zemanta.com
b1h.zemanta.com
611 B
2 quantserve.com
pixel.quantserve.com
943 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 everesttech.net
sync-tm.everesttech.net
686 B
2 assertcom.de
api.assertcom.de
540 B
2 google.com
adservice.google.com
www.google.com
2 KB
2 criteo.net
static.criteo.net
54 KB
2 otto.de
orbidder.otto.de
297 B
2 nativendo.de
d.nativendo.de
386 B
2 scoota.co
r.scoota.co
1 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
52 KB
2 ay.delivery
ubn3k2x9bfd2yw3n3.ay.delivery
23 KB
2 mookie1.com
cdn.mookie1.com
de-gmtdmp.mookie1.com
4 KB
2 netpoint-media.de
cdn.netpoint-media.de
193 KB
1 adotmob.com
sync.adotmob.com
672 B
1 rlcdn.com
id.rlcdn.com
1 turn.com
ad.turn.com
412 B
1 bing.com
c.bing.com
477 B
1 linkedin.com
px.ads.linkedin.com
599 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 adition.com
dsp.adfarm1.adition.com
583 B
1 googletagservices.com
www.googletagservices.com
38 KB
1 google.de
adservice.google.de
853 B
1 emxdgt.com
hb.emxdgt.com
160 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
177 52
Domain Requested by
23 cm.g.doubleclick.net 11 redirects 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
googleads.g.doubleclick.net
eu-u.openx.net
eb2.3lift.com
15 s0.2mdn.net www.logicuser.de
43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
s0.2mdn.net
14 ad.yieldlab.net 2 redirects cdn.netpoint-media.de
www.logicuser.de
11 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.logicuser.de
43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
11 ib.adnxs.com 4 redirects www.logicuser.de
cdn.netpoint-media.de
googleads.g.doubleclick.net
acdn.adnxs.com
10 csync.smilewanted.com cdn.netpoint-media.de
csync.smilewanted.com
ads.pubmatic.com
7 eb2.3lift.com 2 redirects cdn.netpoint-media.de
eb2.3lift.com
7 match.adsrvr.org 3 redirects cdn.netpoint-media.de
eu-u.openx.net
eb2.3lift.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
6 ssum-sec.casalemedia.com 5 redirects www.logicuser.de
5 image2.pubmatic.com ads.pubmatic.com
5 sync.mathtag.com 5 redirects
4 simage2.pubmatic.com ads.pubmatic.com
4 pixel.rubiconproject.com csync.smilewanted.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 gum.criteo.com 2 redirects static.criteo.net
4 us-u.openx.net 2 redirects eu-u.openx.net
4 x.bidswitch.net 3 redirects eb2.3lift.com
4 securepubads.g.doubleclick.net cdn.netpoint-media.de
securepubads.g.doubleclick.net
4 c.amazon-adsystem.com cdn.netpoint-media.de
c.amazon-adsystem.com
3 token.rubiconproject.com 3 redirects
3 eu-u.openx.net cdn.netpoint-media.de
eu-u.openx.net
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 d5p.de17a.com 3 redirects
3 mug.criteo.com
3 www.logicuser.de www.logicuser.de
2 sync.search.spotxchange.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 ads.pubmatic.com csync.smilewanted.com
ads.pubmatic.com
2 ice.360yield.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 pixel.quantserve.com 2 redirects
2 eus.rubiconproject.com cdn.netpoint-media.de
eus.rubiconproject.com
2 googleads4.g.doubleclick.net www.logicuser.de
2 tracking.m6r.eu 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 api.assertcom.de ubn3k2x9bfd2yw3n3.ay.delivery
2 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 static.criteo.net cdn.netpoint-media.de
static.criteo.net
2 fastlane.rubiconproject.com cdn.netpoint-media.de
2 prebid.smilewanted.com cdn.netpoint-media.de
2 orbidder.otto.de cdn.netpoint-media.de
2 mp.4dex.io cdn.netpoint-media.de
www.logicuser.de
2 script.4dex.io cdn.netpoint-media.de
script.4dex.io
2 adx.adform.net cdn.netpoint-media.de
2 d.nativendo.de 1 redirects www.logicuser.de
2 pr-bh.ybp.yahoo.com 2 redirects
2 r.scoota.co 2 redirects
2 confiant-integrations.global.ssl.fastly.net cdn.netpoint-media.de
confiant-integrations.global.ssl.fastly.net
2 ubn3k2x9bfd2yw3n3.ay.delivery cdn.netpoint-media.de
2 cdn.netpoint-media.de www.logicuser.de
cdn.netpoint-media.de
1 sync.adotmob.com 1 redirects
1 secure.adnxs.com 1 redirects
1 b1h.zemanta.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 ads.yahoo.com
1 id.rlcdn.com
1 de-gmtdmp.mookie1.com
1 ad.turn.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 static.smilewanted.com csync.smilewanted.com
1 acdn.adnxs.com cdn.netpoint-media.de
1 biddr.brealtime.com cdn.netpoint-media.de
1 dsp.adfarm1.adition.com 1 redirects
1 www.googletagservices.com 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
1 googleads.g.doubleclick.net 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 bidder.criteo.com cdn.netpoint-media.de
1 hb.emxdgt.com cdn.netpoint-media.de
1 tlx.3lift.com cdn.netpoint-media.de
1 netpoint-d.openx.net cdn.netpoint-media.de
1 cdn.jsdelivr.net cdn.netpoint-media.de
1 ads.rubiconproject.com cdn.netpoint-media.de
1 cdn.mookie1.com cdn.netpoint-media.de
177 83

This site contains no links.

Subject Issuer Validity Valid
logicuser.de
R3		 2021-10-10 -
2022-01-08		 3 months crt.sh
*.netpoint-media.de
Thawte RSA CA 2018		 2021-09-08 -
2022-10-09		 a year crt.sh
cdn.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-01 -
2022-04-01		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2021-03-09 -
2022-03-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-06 -
2022-05-05		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
nativendo.de
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
orbidder.otto.de
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
api.assertcom.de
R3		 2021-09-28 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh

This page contains 31 frames:

Primary Page: https://www.logicuser.de/
Frame ID: 38CB0F0D871B9BEC679D0D76D43BDBA5
Requests: 51 HTTP requests in this frame

Frame: https://ad.yieldlab.net/d/724079/6629/2x2?ts=66927180
Frame ID: E3735818528FAAAA5010D74B16157F38
Requests: 14 HTTP requests in this frame

Frame: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B7AA247B32B55BA746A62CB2780E12D0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.logicuser.de
Frame ID: 2977E7959C17785D35B3AC956BBDC50B
Requests: 2 HTTP requests in this frame

Frame: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 641A5F770B77B544B32394AA77C66885
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BF8EF91F39F988EF8DAA01078E27C2B2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A31A2A0ADF0765E19B65C507133C8CD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKjj2bIBMAE&v=APEucNWql0edPY_Pf6CejlXE_-Fy04j46Yc-hT6Oj5GVcO6sW_fcAM_CY8z8vf8bvCkZLDyRjj-dpx_7c4rARoOaLNda3Eje9keCVhZI6iXBNYiqs86hUGgWeQO4sVWZcH1ZeV3YSDyjGqcRKUSGyRiM9sfqdN5yGnV63oLSnbybrXgu6hRdhO4
Frame ID: 432DC2F3F6A8D9ED19656E8747529720
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B451033C5B8FD219218CF06FCC7CABBD
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Frame ID: EB20AF2342EE3590FCDA207867A309E5
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 24092BB7C11BE9C7DE3238EDBB898C59
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: D43069FE6A80F2ACBA31B53811E45383
Requests: 11 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 54FFD13214E2BDDDB7639595A95742B5
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: B4681489B8A6B37936C43ED3EC2BD045
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7C6305EEB1DB64127A52A080BF4CF356
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a3af9f39-79a3-485f-937a-5e98dbcd0d22&gdpr=1
Frame ID: A3211D01DD4192012CF7484C82CA3B80
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A66FD8598FD7633B156DF96FF3327303
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 025FC2FDCC1C303E46FDD09F075E989C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/440152998966965591
Frame ID: E8800862EF34AE37120BF1FFB42EF521
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/825265f7-2986-4d95-8b7b-f2418a4d1b16&partner_id=1010
Frame ID: 4B39F3923E0A342DAB976DBA2A1BF6FA
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 40268AFF65E54E957D4B9A1FECB4E295
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 0BDA0ABD69D3E069C5B456D706FC2013
Requests: 13 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YWLPlCstr60WuSevT2FqlAAA%261120
Frame ID: C2541C9A95E6BEEE47EEFD374E11E3B2
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=30566F1E-48BA-433B-B0A0-85BC34C2DA9D
Frame ID: 477307AC877D6B09A3CACB755BA9C5D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5855219308441562158
Frame ID: 8D971E42D384633F74C5A683BC50873F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: BFC9BFB0C140FEF64279DCBF87F4D983
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/30566F1E-48BA-433B-B0A0-85BC34C2DA9D
Frame ID: 528592AF0159FCBEDF10D1773127A514
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/ed2cccde-29bd-11ec-99dc-1708f5200206
Frame ID: C7DFF0722A346F4F90282CEF6F6EFA01
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: 48B8B7607AF2396FDAC251264F692C9A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/941953886362793386
Frame ID: 60F43CD02AD80BA68A5822F5EA3F92B5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adotmob/06cf2204035bc208c2e5720d&gdpr=0&gdprConsent=
Frame ID: E15F52030E35490281329FCE5AC3E0C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

logicuser.de - Forum für Logic Pro X

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • ^https?://(?:[^/]+\.)?yieldlab\.net/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

177
Requests

100 %
HTTPS

29 %
IPv6

52
Domains

83
Subdomains

59
IPs

10
Countries

1187 kB
Transfer

2854 kB
Size

74
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://x.bidswitch.net/sync?ssp=yieldlab HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=yieldlab HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=92e9b22c-4eec-451b-bd9c-5eaff86a7efc&ssp=yieldlab HTTP 302
  • https://ad.yieldlab.net/m?dt_id=6850&ext_id=fe7d4fa3-e849-48c5-b39d-c7d63d9f370b&gdpr_consent=
Request Chain 14
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm=&google_sc=&google_tc= HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGmqq-LGViZglY4OWShtiy4&google_cver=1
Request Chain 15
  • https://ad.yieldlab.net/mr?t=2&pid=5222173 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/yieldlab/0138d637-c414-42cf-8e02-44e44510e10c HTTP 302
  • https://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-uyuc2hdE2olNbOty8kVVTzL7nyLwNAyglZiKXWU-~A
Request Chain 16
  • https://ib.adnxs.com/getuid?https://ad.yieldlab.net/m?dt_id=140420&ext_id=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D140420%26ext_id%3D%24UID HTTP 302
  • https://ad.yieldlab.net/m?dt_id=140420&ext_id=941953886362793386
Request Chain 17
  • https://ad.yieldlab.net/mr?t=2&pid=9140838&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dyieldlab%26uid%3D%25%25YL_UID%25%25 HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=yieldlab&uid=0138d637-c414-42cf-8e02-44e44510e10c
Request Chain 18
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191771&cb=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D10447609%26ext_id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D10447609%26ext_id%3D&s=191771&C=1 HTTP 302
  • https://ad.yieldlab.net/m?dt_id=10447609&ext_id=YWLPlCstr60WuSevT2FqlAAABGAAAAIB
Request Chain 19
  • https://ssum-sec.casalemedia.com/usermatchredir?s=195270&cb=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D12527574%26ext_id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D12527574%26ext_id%3D&s=195270&C=1 HTTP 302
  • https://ad.yieldlab.net/m?dt_id=12527574&ext_id=YWLPlCstr60WuSevT2FqlAAABGAAAAIB
Request Chain 20
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldlab&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldlab&ttd_tpi=1 HTTP 302
  • https://ad.yieldlab.net/m?dt_id=99739&ext_id=05afd6ca-3150-47b9-8008-abca41f63c5c&gdpr=1&gdpr_consent=
Request Chain 21
  • https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D HTTP 302
  • https://ad.yieldlab.net/m?dt_id=6061522&ext_id=745a6162-cf94-4200-bee9-52925d1cd6b2
Request Chain 22
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=9e8aef82-3837-45aa-8e09-3af2ff8f6007
Request Chain 23
  • https://d.nativendo.de/cds/dmp/uuid?redirect_url=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6337123%26ext_id%3D%7Buser_id%7D HTTP 307
  • https://d.nativendo.de/cds/dmp/uuid/check/363b0c9e-3608-4e81-98ac-1a2d45d54f44/?redirect_url=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6337123%26ext_id%3D%7Buser_id%7D
Request Chain 59
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=logicuser.de&sn=ChromeSyncframe&so=0&topUrl=www.logicuser.de&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=KsUdKHwxTllha1hoZHA5SXBQYnZzRG85aUNIZVNyNzI2WTVzWlZJSWJZUENCSzlXY1V3MmZQL2tzNzIvcXl0cFkreTdlTkIxb3Jyb2RlUFRKTXE4UXFNenU5dW9jWkJqb1VzYUdPeDVKYVFBSndXRWxsdjlka1I0WnZ1L2w5SFN4cWFQM093cVFmUnM4UGVOMHpRM1B5bTA1Y1krczB0dVJvSHU1ZWZIM256UWVGUUNzMzY3NmlFZ1Y3YzB6alBhMHUrVjUxM203RHBtdW5HMkxiNU5tSi8rN3lvUUxncmZmVWVwNUNjWGZqQk5rOHFWaC9peFFzMit1cmNITkdqMkJPRWc1dlVQbmVycU90RThINUUvNXJzbzdSZz09fA&cppv=2
Request Chain 77
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENm0e4ArQIBqhw4_3yxzqpY&google_cver=1&google_push=AYg5qPKoMcKwS7yB9fNWIE2morRa4wS4ALyiU1-FJJyR_bkxukUmGpCL8UpWtoM9THjPpzeNH_DAI1y1TK6vux63PuxniKb9TQoM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENm0e4ArQIBqhw4_3yxzqpY&google_push=AYg5qPKoMcKwS7yB9fNWIE2morRa4wS4ALyiU1-FJJyR_bkxukUmGpCL8UpWtoM9THjPpzeNH_DAI1y1TK6vux63PuxniKb9TQoM
Request Chain 78
  • https://um.simpli.fi/gp_match?google_gid=CAESEPYTQf37jfBPNfag05rwUSk&google_cver=1&google_push=AYg5qPKS552Z7HL7MMCr9aG_erpyW-pGwy04_syLHkJujPsmxKG93gZ8ylV79k3ULeymgmhryD1d6-Ge6-hyznVflNrSaenMaXOn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F02507DB263F42229A810C6A14CF4B09&google_push=AYg5qPKS552Z7HL7MMCr9aG_erpyW-pGwy04_syLHkJujPsmxKG93gZ8ylV79k3ULeymgmhryD1d6-Ge6-hyznVflNrSaenMaXOn
Request Chain 79
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDToOQJLkNmx2wOVYv7hWYU&google_cver=1&google_push=AYg5qPJXitCkrZhTF4ffXNADP4ArRMyTnxCv-KmObMk7qH9ZHBJ_Ap_eKXFKHU9kIx2qrz5KpXdiC4Q3uixLkRdBtP669snX53c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzM5OTQxNjg1NTEzMjMwMQ%3D%3D&google_push=AYg5qPJXitCkrZhTF4ffXNADP4ArRMyTnxCv-KmObMk7qH9ZHBJ_Ap_eKXFKHU9kIx2qrz5KpXdiC4Q3uixLkRdBtP669snX53c
Request Chain 80
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMA4qMYlzh0NavVbos0qwNM&google_cver=1&google_push=AYg5qPK32swzC2yLLAjudO8ZxivA9IH8UUpR495VLhjy_hbV4TF2X8qe_Md2a6Rn-ixrkJgmKcO2mMDfXhVu_rLIzjUu03khc1JL HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMA4qMYlzh0NavVbos0qwNM&google_cver=1&google_push=AYg5qPK32swzC2yLLAjudO8ZxivA9IH8UUpR495VLhjy_hbV4TF2X8qe_Md2a6Rn-ixrkJgmKcO2mMDfXhVu_rLIzjUu03khc1JL&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=tBux9ghCph4L668RAiNsDQ&google_push=AYg5qPK32swzC2yLLAjudO8ZxivA9IH8UUpR495VLhjy_hbV4TF2X8qe_Md2a6Rn-ixrkJgmKcO2mMDfXhVu_rLIzjUu03khc1JL
Request Chain 81
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMHTCdWbCMnC7v1SRd7gJ9A&google_cver=1&google_push=AYg5qPKZ5H1xc27DkiItsnrpe9PRbLOopGV3Jd4EjNCVSiYbxZQhIZ6QATeFCvArzPoU_NpDLocxTSYpJOrAiNLFxClCOzf034I HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMHTCdWbCMnC7v1SRd7gJ9A&google_cver=1&google_push=AYg5qPKZ5H1xc27DkiItsnrpe9PRbLOopGV3Jd4EjNCVSiYbxZQhIZ6QATeFCvArzPoU_NpDLocxTSYpJOrAiNLFxClCOzf034I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKZ5H1xc27DkiItsnrpe9PRbLOopGV3Jd4EjNCVSiYbxZQhIZ6QATeFCvArzPoU_NpDLocxTSYpJOrAiNLFxClCOzf034I
Request Chain 82
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELC2baPx0ZkkGSXDtpaG0Oo&google_cver=1&google_push=AYg5qPL_HCZZBBe2jN0Wji8FimJJcA_U1Sd4RuXxBZSk-w-WkyMi4BpleE1BDEPoNVsK8jUwvkfdlXbyECmDTgLYI-jdWRJvtz8r HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELC2baPx0ZkkGSXDtpaG0Oo&google_cver=1&google_push=AYg5qPL_HCZZBBe2jN0Wji8FimJJcA_U1Sd4RuXxBZSk-w-WkyMi4BpleE1BDEPoNVsK8jUwvkfdlXbyECmDTgLYI-jdWRJvtz8r&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MFZvHki6QzuwoIW8NMLanQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL_HCZZBBe2jN0Wji8FimJJcA_U1Sd4RuXxBZSk-w-WkyMi4BpleE1BDEPoNVsK8jUwvkfdlXbyECmDTgLYI-jdWRJvtz8r
Request Chain 85
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECCFtPuf_v2xgfUfbVQ9w8c&google_cver=1
Request Chain 86
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWLPlCstr60WuSevT2FqlAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECCFtPuf_v2xgfUfbVQ9w8c&google_cver=1
Request Chain 87
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ7vkC_3VKLKjL0CCKDBTPk&google_cver=1
Request Chain 88
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTQxOTUzODg2MzYyNzkzMzg2
Request Chain 111
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.logicuser.de%2F&domain=www.logicuser.de&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IG2AnHx4NkJ6TitWTUNuNTI1KzN5VjZKRHhMMTI1L3hLTkZ1Q1dZaGtpUHVzVDdpMFZSV3pwcTE1RWJSSjllUUdXZ0k5Szd2WkNJdTRkeDNOZ2tOUFl0ei9qRlhicENaVWRMSjNnUFJyVG5yZ0RIcW50b3prZWg0V0pVUEZxMFM3ajh5bnl2NmtOK092ajZLczQ3N21PejRmR1VyTmliVFFIWXpNd0k4NDBwVUk3LzQ1NlJKT2JZY0FFWnkvVlpjQmZwZnc0QlhKZ3hFQ2piSWNCaVI2OGNjUTZ3MGlDMHZ1RzJPMmR1cGR0am4yZzlmRjU2aG1MaDhpcGNmMUNXWEQwVzNXSGJFQWRIdG1nTlNWbk9ZM1h1T2d0dmhJQkFya3VtTFJPZCtrd2VmdXNNaz18&cppv=2
Request Chain 113
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 120
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=745a6162-cf94-4200-bee9-52925d1cd6b2
Request Chain 121
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NyqaD2J9lQUsKJkKNn2BCDd5zQ8sKJwINiKy4vdB
Request Chain 122
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5208185477574498488
Request Chain 125
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYre2UuhRbYQzIKERM4oyQ&google_cver=1
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP2bOcXJ_NW6jSNjjQGKHzE&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 131
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA3MDc3MzM4ODU0ODU0MjY5MTg%3D
Request Chain 133
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/10707733885485426918?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-6gAU_plE2oRNoUZ5x.0IbSv98QmkvWyVTDAwryacFQ--~A&dongle=0883
Request Chain 136
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=10707733885485426918 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10707733885485426918&dcc=t
Request Chain 137
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 138
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8879911698156568978&dongle=d407
Request Chain 141
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/440152998966965591
Request Chain 142
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWLPlwAIBq1EXAAT
Request Chain 143
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2VlNGYxNzk3MDBiMGU5OWE1MTYwMjE0MTlhOWZkYjhiNjcyZjlhNg
Request Chain 145
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VMNUVMS1otWi1IT1E2
Request Chain 146
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=745a6162-cf94-4200-bee9-52925d1cd6b2&expires=28
Request Chain 147
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUL5ELKZ-Z-HOQ6&sigv=1&esig=2~615a889ccfc6438ba29d1c9718c480199e380fc4
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFDk7SbI43dwfKVa91zeZRg&google_cver=1
Request Chain 150
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/825265f7-2986-4d95-8b7b-f2418a4d1b16&partner_id=1010
Request Chain 153
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YWLPlCstr60WuSevT2FqlAAA%261120
Request Chain 156
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5855219308441562158
Request Chain 157
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MFZvHki6QzuwoIW8NMLanQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 160
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=745a6162-cf94-4200-bee9-52925d1cd6b2
Request Chain 161
  • https://pixel.onaudience.com/?partner=214&mapped=30566F1E-48BA-433B-B0A0-85BC34C2DA9D HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=945e8c90b06b3af207a14c9998e02303
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzA1NjZGMUUtNDhCQS00MzNCLUIwQTAtODVCQzM0QzJEQTlE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBAvLxLRl9CFqDQD7bgSous&google_cver=1
Request Chain 165
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=05afd6ca-3150-47b9-8008-abca41f63c5c
Request Chain 166
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5208185477574498488
Request Chain 167
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:745a6162-cf94-4200-bee9-52925d1cd6b2&gdpr=0&gdpr_consent=
Request Chain 168
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=941953886362793386&gdpr=0&gdpr_consent=
Request Chain 169
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Zqqy1zP9vd19qLHSZ_2p0Gb55dd9qLTQZ6Kmok7v
Request Chain 170
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=ed2ccd16-29bd-11ec-99dc-1708f5200206 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/ed2cccde-29bd-11ec-99dc-1708f5200206
Request Chain 172
  • https://b1h.zemanta.com/usersync/prebidtest?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 173
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/941953886362793386
Request Chain 174
  • https://sync.adotmob.com/cookie/smilewanted?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadotmob%2F{amob_user_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adotmob/06cf2204035bc208c2e5720d&gdpr=0&gdprConsent=

177 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.logicuser.de/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.logicuser.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.243.11.13 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
rw0b0d.webhosting.systems
Software
nginx /
Resource Hash
4b0d3aa2c625b6c3e854f34e6e8ba9f3b718118967a3550a93c8d0ef00b96746

Request headers

:method
GET
:authority
www.logicuser.de
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 10 Oct 2021 11:33:40 GMT
content-type
text/html
last-modified
Thu, 15 Oct 2020 14:34:00 GMT
vary
Accept-Encoding
etag
W/"5f885dd8-b95"
content-encoding
br
13620.js
cdn.netpoint-media.de/ 		113 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.netpoint-media.de/13620.js
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.19.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.19.12.49.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
368243f9de801101794edd911f8a83ef9d4e6b3ab8f5920807f8e170c201f145

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
content-encoding
gzip
last-modified
Sat, 09 Oct 2021 20:57:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61620230-1c545"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
cache-control
max-age=300, public
access-control-allow-credentials
true
cdn-s
10
expires
Sun, 10 Oct 2021 11:38:40 GMT
logicuser%20logo.jpg
www.logicuser.de/images/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.logicuser.de/images/logicuser%20logo.jpg
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.243.11.13 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
rw0b0d.webhosting.systems
Software
nginx /
Resource Hash
8ed5d7bc9433786b99a466000314e39d63625b5c14af59433a61923d26ca24b2

Request headers

:path
/images/logicuser%20logo.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.logicuser.de
referer
https://www.logicuser.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
last-modified
Wed, 14 Oct 2020 08:08:19 GMT
server
nginx
accept-ranges
bytes
etag
"5f86b1f3-d139"
content-length
53561
content-type
image/jpeg
forum.jpg
www.logicuser.de/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.logicuser.de/images/forum.jpg
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.243.11.13 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
rw0b0d.webhosting.systems
Software
nginx /
Resource Hash
b688abbc7fa60694dfe3b4593d390a153c61f129c2dfbfd01645b6576dcb7262

Request headers

:path
/images/forum.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.logicuser.de
referer
https://www.logicuser.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
last-modified
Wed, 14 Oct 2020 08:08:19 GMT
server
nginx
accept-ranges
bytes
etag
"5f86b1f3-27fa"
content-length
10234
content-type
image/jpeg
containr.js
cdn.mookie1.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mookie1.com/containr.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/13620.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.237.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-122.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 11:33:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
2941
Last-Modified
Tue, 08 Sep 2020 10:42:20 GMT
Server
AkamaiNetStorage
ETag
"6200df1a0ff97d44f843b0184fa20225:1599561740.987291"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Sun, 10 Oct 2021 11:34:40 GMT
9623.js
ads.rubiconproject.com/header/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/header/9623.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/13620.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
6dec88754888373fd9c2d190e452dfb87737659e7fece633d8c40a83cce836c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 11:33:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Sep 2021 11:54:11 GMT
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
25839
Expires
Sun, 10 Oct 2021 14:06:49 GMT
2x2
ad.yieldlab.net/d/724079/6629/ Frame E373 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/d/724079/6629/2x2?ts=66927180
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/13620.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
12087ec7fa6b3a057d6c25ea7e1ac0ec6a72834b4fbee73f75aad25eebc21ab9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
Content-Encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Content-Language
de-DE
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
751
Expires
Sat, 09 Oct 2021 11:33:40 GMT
m
ad.yieldlab.net/ Frame E373 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=739302&ext_id=1
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/13620.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:40 GMT
forest.min.js
ubn3k2x9bfd2yw3n3.ay.delivery/forest/uBN3k2X9Bfd2yw3N3/js/bid/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ubn3k2x9bfd2yw3n3.ay.delivery/forest/uBN3k2X9Bfd2yw3N3/js/bid/forest.min.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/13620.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:bb58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5513be727e41720e81e635c058faefa34f0714561e025bdc19c8a3f2349e984

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 11 Sep 2021 06:25:42 GMT
server
cloudflare
age
585
etag
W/"613c4be6-8e2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeQoniMR%2B69E5aoexpqx2wYH4gAVs9cU8sQPWfVZ7QHbFchy2DtQgwMIxm4LuaU%2F4NgU4rPEBYWCGGabD7vEtcg9TGyGRNs6vIPzreQQ5cEkMi5oWQPTGjxnsuZoBjH5uM8qehD%2B9QtQY5UgVwqwU32qynzH7LRbXfvjwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69bf89008cc54dca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
client-v2.3.0-to-que-start.js
ubn3k2x9bfd2yw3n3.ay.delivery/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ubn3k2x9bfd2yw3n3.ay.delivery/client-v2.3.0-to-que-start.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/13620.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:bb58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7dee4466968030ac9440c28cc7f70264acc45d264657bffb342fc4d1481825

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 May 2021 09:39:50 GMT
server
cloudflare
age
585
etag
W/"60a77fe6-72b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1lbZMbINqRVnliV%2B329dLW4fALBh7%2FcePApJG8NJKwgnlf2QxBbtud0XYjiZI21q9AUut5zMtF1y6eLpAE1xpCHDpnKpxj6mDp6oG2XhvQeUCVqfHz7ICvKA9Z%2BmKlccGBOtUKv%2BKcqsMKVwSFtepKMGkmaZsqYV5s%2FMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69bf89008cc74dca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
prebid5.js
cdn.netpoint-media.de/static/ 		443 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.netpoint-media.de/static/prebid5.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/13620.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.19.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.19.12.49.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d82844f37479fdc2e3dc9dfe01d09adb2d2996baae9faaa915ea7f5faf41cf28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 09:50:54 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"615436fe-6ed08"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
cache-control
max-age=14400, public
access-control-allow-credentials
true
cdn-s
5
expires
Sun, 10 Oct 2021 15:33:40 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/13620.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding
gzip
etag
e2b905aea413c4d7479fb2bb9cbc6c65
age
863
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1H47C2251N9KGPFN4J71
date
Sun, 10 Oct 2021 11:19:20 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
t4ROHqStEN4WKLcQd9Qdp_uVUM8k6MK-bXVSt56epxZyjRggVKiRBQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/13620.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
400bc6a241c7e9e94ea9bc086791b841d8c20300c4e063c6c341ae6524e7d26d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1011 / 457 of 1000 / last-modified: 1633731165"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25892
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Oct 2021 11:33:42 GMT
config.js
confiant-integrations.global.ssl.fastly.net/LXKJ0nitXhfw0KUSoE6GHImGl5Q/prebid/ 		113 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/LXKJ0nitXhfw0KUSoE6GHImGl5Q/prebid/config.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/13620.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb02fb31d9d1da73bbd0541a6b53a098a32ba9ec31e80a0ba8ea3e7d3d8ce480

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 11:33:40 GMT
Content-Encoding
gzip
Age
2379
X-Cache
HIT
Connection
keep-alive
Content-Length
22404
x-amz-id-2
tYiEP0od8hQUfZKrAbUYgHcIolTVykgbGcJmZKqfGBTezQ4UAZ3jKHJXkYIZ4FsphZDwKERKlWM=
X-Served-By
cache-fra19140-FRA
Last-Modified
Sun, 10 Oct 2021 10:32:47 GMT
Server
AmazonS3
X-Timer
S1633865621.583699,VS0,VE0
ETag
"c93500132617400622378249228c7b9b"
x-amz-request-id
5NTXR9FRWW1T8VPQ
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
663
m
ad.yieldlab.net/ Frame E373
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldlab
  • https://x.bidswitch.net/ul_cb/sync?ssp=yieldlab
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldlab
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=92e9b22c-4eec-451b-bd9c-5eaff86a7efc&ssp=yieldlab
  • https://ad.yieldlab.net/m?dt_id=6850&ext_id=fe7d4fa3-e849-48c5-b39d-c7d63d9f370b&gdpr_consent=
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=6850&ext_id=fe7d4fa3-e849-48c5-b39d-c7d63d9f370b&gdpr_consent=
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:41 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:41 GMT

Redirect headers

Location
//ad.yieldlab.net/m?dt_id=6850&ext_id=fe7d4fa3-e849-48c5-b39d-c7d63d9f370b&gdpr_consent=
Date
Sun, 10 Oct 2021 11:33:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
m
ad.yieldlab.net/ Frame E373
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm=&google_sc=&google_tc=
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGmqq-LGViZglY4OWShtiy4&google_cver=1
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGmqq-LGViZglY4OWShtiy4&google_cver=1
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:40 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGmqq-LGViZglY4OWShtiy4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
ad.yieldlab.net/ Frame E373
Redirect Chain
  • https://ad.yieldlab.net/mr?t=2&pid=5222173
  • https://pr-bh.ybp.yahoo.com/sync/yieldlab/0138d637-c414-42cf-8e02-44e44510e10c
  • https://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-uyuc2hdE2olNbOty8kVVTzL7nyLwNAyglZiKXWU-~A
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-uyuc2hdE2olNbOty8kVVTzL7nyLwNAyglZiKXWU-~A
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:40 GMT

Redirect headers

date
Sun, 10 Oct 2021 11:33:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://ad.yieldlab.net/m?dt_id=5222173&ext_id=y-uyuc2hdE2olNbOty8kVVTzL7nyLwNAyglZiKXWU-~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
ad.yieldlab.net/ Frame E373
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ad.yieldlab.net/m?dt_id=140420&ext_id=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D140420%26ext_id%3D%24UID
  • https://ad.yieldlab.net/m?dt_id=140420&ext_id=941953886362793386
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=140420&ext_id=941953886362793386
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:40 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
762e6a47-0d97-47fd-8e3a-9acefdeb9f71
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ad.yieldlab.net/m?dt_id=140420&ext_id=941953886362793386
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame E373
Redirect Chain
  • https://ad.yieldlab.net/mr?t=2&pid=9140838&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dyieldlab%26uid%3D%25%25YL_UID%25%25
  • https://ib.adnxs.com/prebid/setuid?bidder=yieldlab&uid=0138d637-c414-42cf-8e02-44e44510e10c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=yieldlab&uid=0138d637-c414-42cf-8e02-44e44510e10c
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4979ffec-e095-4f09-b878-734a6f508037
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Location
https://ib.adnxs.com/prebid/setuid?bidder=yieldlab&uid=0138d637-c414-42cf-8e02-44e44510e10c
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
0
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:40 GMT
m
ad.yieldlab.net/ Frame E373
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191771&cb=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D10447609%26ext_id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D10447609%26ext_id%3D&s=191771&C=1
  • https://ad.yieldlab.net/m?dt_id=10447609&ext_id=YWLPlCstr60WuSevT2FqlAAABGAAAAIB
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=10447609&ext_id=YWLPlCstr60WuSevT2FqlAAABGAAAAIB
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:40 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ad.yieldlab.net/m?dt_id=10447609&ext_id=YWLPlCstr60WuSevT2FqlAAABGAAAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
268
Expires
Sun, 10 Oct 2021 11:33:40 GMT
m
ad.yieldlab.net/ Frame E373
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=195270&cb=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D12527574%26ext_id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D12527574%26ext_id%3D&s=195270&C=1
  • https://ad.yieldlab.net/m?dt_id=12527574&ext_id=YWLPlCstr60WuSevT2FqlAAABGAAAAIB
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=12527574&ext_id=YWLPlCstr60WuSevT2FqlAAABGAAAAIB
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:40 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ad.yieldlab.net/m?dt_id=12527574&ext_id=YWLPlCstr60WuSevT2FqlAAABGAAAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
268
Expires
Sun, 10 Oct 2021 11:33:40 GMT
m
ad.yieldlab.net/ Frame E373
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldlab&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldlab&ttd_tpi=1
  • https://ad.yieldlab.net/m?dt_id=99739&ext_id=05afd6ca-3150-47b9-8008-abca41f63c5c&gdpr=1&gdpr_consent=
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=99739&ext_id=05afd6ca-3150-47b9-8008-abca41f63c5c&gdpr=1&gdpr_consent=
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:40 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ad.yieldlab.net/m?dt_id=99739&ext_id=05afd6ca-3150-47b9-8008-abca41f63c5c&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
235
m
ad.yieldlab.net/ Frame E373
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=118&redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6061522%26ext_id%3D%5BMM_UUID%5D
  • https://ad.yieldlab.net/m?dt_id=6061522&ext_id=745a6162-cf94-4200-bee9-52925d1cd6b2
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=6061522&ext_id=745a6162-cf94-4200-bee9-52925d1cd6b2
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:40 GMT

Redirect headers

Date
Sun, 10 Oct 2021 11:33:40 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ad.yieldlab.net/m?dt_id=6061522&ext_id=745a6162-cf94-4200-bee9-52925d1cd6b2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 10 Oct 2021 11:33:39 GMT
m
ad.yieldlab.net/ Frame E373
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=9e8aef82-3837-45aa-8e09-3af2ff8f6007
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=9e8aef82-3837-45aa-8e09-3af2ff8f6007
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 09 Oct 2021 11:33:40 GMT

Redirect headers

date
Sun, 10 Oct 2021 11:33:40 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=9e8aef82-3837-45aa-8e09-3af2ff8f6007
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
/
d.nativendo.de/cds/dmp/uuid/check/363b0c9e-3608-4e81-98ac-1a2d45d54f44/ Frame E373
Redirect Chain
  • https://d.nativendo.de/cds/dmp/uuid?redirect_url=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6337123%26ext_id%3D%7Buser_id%7D
  • https://d.nativendo.de/cds/dmp/uuid/check/363b0c9e-3608-4e81-98ac-1a2d45d54f44/?redirect_url=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6337123%26ext_id%3D%7Buser_id%7D
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.nativendo.de/cds/dmp/uuid/check/363b0c9e-3608-4e81-98ac-1a2d45d54f44/?redirect_url=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6337123%26ext_id%3D%7Buser_id%7D
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
34.241.178.107.bc.googleusercontent.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:40 GMT
via
1.1 google
last-modified
Sun, 10 Oct 2021 11:33:40 GMT
server
Apache
content-type
text/javascript; charset=utf-8
cache-control
no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:40 GMT
via
1.1 google
last-modified
Sun, 10 Oct 2021 11:33:40 GMT
server
Apache
content-type
text/javascript; charset=utf-8
location
https://d.nativendo.de/cds/dmp/uuid/check/363b0c9e-3608-4e81-98ac-1a2d45d54f44/?redirect_url=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D6337123%26ext_id%3D%7Buser_id%7D
cache-control
no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E373 		43 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=684059&cb=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdt_id%3D12527574%26ext_id%3D
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 10 Oct 2021 11:33:40 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3776&u=https%3A%2F%2Fwww.logicuser.de%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 07:02:29 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
Server
age
16270
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.logicuser.de
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
ucFbmqe7ZdzaQWIqQSSBNhQysfn_sEyiEvK_E9I0NhErFJ6oOfHnxA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3776&u=https%3A%2F%2Fwww.logicuser.de%2F&pid=XoGGGbKfFrsJW&cb=0&ws=1600x1200&v=7.69.01&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%221067691%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22800x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%225094664%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-amz-rid
R3WPWEKWZFWCDCRWZRSM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.logicuser.de
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
KcEFjmy2U7MIcNPED_2AIDqLrud0lYYbAGGnwdPszcrWaXO9EMCgSg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
42330
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Sat, 09 Oct 2021 23:48:11 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
f8zvWrjNmdfMBNTEIapz-RzeG5zEmwWU8wESm363Pv0Y00mmZvqtMg==
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202110071229/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202110071229/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/LXKJ0nitXhfw0KUSoE6GHImGl5Q/prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df88a13d4a06cb7fa701e728f6ff4c8eb42310c83b28990e909a25f4a46040bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 11:33:40 GMT
Content-Encoding
gzip
Age
826
X-Cache
HIT
Connection
keep-alive
Content-Length
29681
x-amz-id-2
XlSZTXrSYWnXH/bo9VvirZAVO7KbTtMlt1oWkiL8A5s40erZvDYZqlQHey/yRgKfjZT7TjdUONs=
X-Served-By
cache-fra19140-FRA
Last-Modified
Thu, 07 Oct 2021 17:17:50 GMT
Server
AmazonS3
X-Timer
S1633865621.915709,VS0,VE0
ETag
"77fc49301929f8713ca523ebc5229609"
x-amz-request-id
3NT5VYDF528V0WYK
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
156
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.logicuser.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 10 Oct 2021 11:33:40 GMT
content-length
0
cache-control
private
access-control-allow-origin
https://www.logicuser.de
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age
86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11bf4d2fb4821029fc1d70f7b6ad16fad1cb9ffe5cc584f30415cb5d7b9458d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
17734
x-jsd-version
1.0.1125
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19127-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69e-7yfLtO5ExPER7Dtj6DLlRu+RFrI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
69bf89028d053244-FRA
localstore.js
script.4dex.io/ 		483 B
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1807
content-type
application/javascript
x-amz-request-id
tx4156f9f298ad4ef289067-006156c982
x-amz-id-2
tx4156f9f298ad4ef289067-006156c982
last-modified
Fri, 01 Oct 2021 08:34:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBj8EqRLIAdNb0rGkvniXVkeyuyyKh2H95p1tosM5xLfH%2BG26%2BX6MaSsmjrOyurvozXIUdvSnFSSgXmnqpqDGU8ZOT3gppl4raf66KnKYtsAdNeXOX1fpJt4mNOe3Wag0AzpaBFOJ66SEyGf"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1633077261838806
cache-control
public, max-age=1800
cf-ray
69bf8902fc60697b-FRA
expires
Sun, 10 Oct 2021 12:03:40 GMT
prebid
ib.adnxs.com/ut/v3/ 		246 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5b7ef1686c5a58130ddbfc194cdcd5b4a6a3df84c57624ff120a23ceb4950399
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ff10f66e-033b-40b8-9389-12a86b6e2e7a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.logicuser.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
246
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		136 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2decf1b37c685fe2d1c8da1c991e9ac4bcb1ade49d1c1a80a024cee86706c0e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e1fdefd4-53d6-4bcd-ba7d-d9382afc02f2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.logicuser.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
136
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ 		0
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:41 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.logicuser.de
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
626337,626338
ad.yieldlab.net/yp/ 		155 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/yp/626337,626338?ts=1633865620864&json=true&pubref=https%3A%2F%2Fwww.logicuser.de%2F
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
70f0202c55a25cf7a6276abe13e7093a469771e969cf318def3049972b0d45c0

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
Content-Encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Language
de-DE
Access-Control-Allow-Origin
https://www.logicuser.de
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length
152
Expires
Sat, 09 Oct 2021 11:33:40 GMT
prebid
mp.4dex.io/ 		0
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-origin
https://www.logicuser.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
69bf89029b8b2b35-FRA
x-err
Validating the Prebid Request. site disabled for organization, OrganizationId = 1124 and Site name = logicuser_de
expires
0
arj
netpoint-d.openx.net/w/1.0/ 		172 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://netpoint-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.logicuser.de%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dc398ee6-62be-42d3-85fc-c6edfd7b066e%2C0d6ab2cc-847e-4ffe-a06f-df0d346d0a97&nocache=1633865620868&aus=728x90%7C800x250%2C900x300%2C970x250&divids=npm_1067691%2Cnpm_5094664&aucs=%2C&auid=538772640%2C538772642
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
a65eb0069f536acf11c0f5c8971e963ebad62a68838df624658da734d93611b8

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:40 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.logicuser.de
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
orbidder.otto.de/ 		0
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://orbidder.otto.de/bid
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.210.58.154 Brussels, Belgium, ASN19527 (GOOGLE-2, US),
Reverse DNS
154.58.210.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.logicuser.de
date
Sun, 10 Oct 2021 11:33:40 GMT
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
bid
orbidder.otto.de/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://orbidder.otto.de/bid
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.210.58.154 Brussels, Belgium, ASN19527 (GOOGLE-2, US),
Reverse DNS
154.58.210.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.logicuser.de
date
Sun, 10 Oct 2021 11:33:40 GMT
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
/
prebid.smilewanted.com/ 		0
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.logicuser.de
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwE47EhR%2F8tunT0s5ZuBnzV%2BT1jA8dZUsdZgblGpCPeoWV2V2fxdyq%2Bglu8hN%2BmN%2FpX2%2FUpBj%2BIBwLvofQwRlal5X5yjw28Z3XvQ1MkLYJe85iAeiMI4ZEuQZ7mrsMiGt%2BbXJbaN0MA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
69bf8902ada64e80-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Oct 2021 11:33:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.logicuser.de
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWTCKw3J2C1yxkkiKa0dOm5bgz7mx0G8W5w38NAURtnE4pW7wFIM4bZgWGvYTU%2F5n51CDFbOeHMCQt4XivDK1VYaW9rZAZ4FhRQQpsDY60wwdJawcpMWGIwzi4zstbb6tz3W3cCoa3o%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
69bf8902ada84e80-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
auction
tlx.3lift.com/header/ 		19 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.15.0&referrer=https%3A%2F%2Fwww.logicuser.de%2F&tmax=800
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:40 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.logicuser.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
17708b2d2ed2da5ae8c699fd63e2bfc7f33c4bd0783ed19cff67681f6308c045
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
49644f3c-1672-457d-8103-78377b908a23
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.logicuser.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
249
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9623&site_id=105976&zone_id=497784&size_id=2&rf=https%3A%2F%2Fwww.logicuser.de%2F&tk_flint=pbjs_lite_v5.15.0&x_source.tid=dc398ee6-62be-42d3-85fc-c6edfd7b066e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3171066321741087
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7570689d5883b7ce0062084863082383873bf5cfa91727203ca5c097541a12a6

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:40 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.logicuser.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2363
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9623&site_id=105976&zone_id=497784&size_id=57&alt_size_ids=125&rf=https%3A%2F%2Fwww.logicuser.de%2F&tk_flint=pbjs_lite_v5.15.0&x_source.tid=0d6ab2cc-847e-4ffe-a06f-df0d346d0a97&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3053513789926985
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
000826ce6c31c7dc061381f5856efa0df8df6cf2fdb42d92afb3e7aa26ce9a82

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:41 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.logicuser.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2386
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
hb.emxdgt.com/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=800&ts=1633865620876&src=pbjs
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.logicuser.de
date
Sun, 10 Oct 2021 11:33:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.15.0&cb=3740669348
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.logicuser.de
date
Sun, 10 Oct 2021 11:33:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
adagio.js
script.4dex.io/ 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7ddf617c63da9bd588428601e0f8ad67395a39a44c1f014577ac0f2bbb5f9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
787091
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txecca10569c8f416dbc582-006156ccb0
x-amz-id-2
txecca10569c8f416dbc582-006156ccb0
last-modified
Fri, 01 Oct 2021 08:34:20 GMT
server
cloudflare
etag
W/"5300a3b1be09eec23740c383b46565be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjzw%2FUxdrdXEN4054HVacDwfQ6S9AUZBLiuxnAeZTQHLlpPfWDRMiuY4kcy4kcWQjmJzbxZLBn%2Bg7kvDMAPJltvEdg0pwacUOd40HkhpKfi8a5vsgTtcotHVo5lI0EjrokztvfJblgzYCDyw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1633077260231162
cf-ray
69bf89033dfa4ab6-FRA
access-control-allow-headers
Authorization
data
mp.4dex.io/ 		26 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/data
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ed6dc25c0545ce6ad509aec899a13cc81124c187c9905306a05652c266fdc85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.logicuser.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
69bf89069ac92b35-FRA
content-length
26
expires
0
publishertag.prebid.113.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:41 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Oct 2021 11:33:41 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:41 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:24 GMT
server
nginx
etag
W/"615af4d0-1535c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Oct 2021 11:33:41 GMT
pubads_impl_2021100502.js
securepubads.g.doubleclick.net/gpt/ 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
186eff04a22ac81157dc3283c95424151aec5cb3e5904d0c5d83512b0d17e4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124246
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 14:32:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Oct 2021 11:33:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		72 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.logicuser.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
09e24db305e0abc781bff30e05a30a89995cb86758397a5d221841b564e95f5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 11:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76
x-xss-protection
0
expires
Sun, 10 Oct 2021 11:33:42 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.logicuser.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 11:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.logicuser.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 11:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		98 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=783628202379948&correlator=3850964780248859&output=ldjh&impl=fifs&eid=31063056%2C31060033&vrg=2021100502&ptt=17&sc=1&sfv=1-0-38&ecs=20211010&iu_parts=21807001401%3A22433347222%2Clogicuser.de%2C1067691_728x90%2C5094664_900x300&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=728x90%2C800x250%7C900x300%7C970x250&prev_scp=npAdcuid%3D1067691%26Whitelists%3D54679%2C54679%2C53886%2C47146%2C48111%2C41060%2C48798%2C52944%26Blacklists%3D53704%2C53708%2C53700%2C53701%26Channel%3Dbusiness%2Cmusik%2520%2526%2520popkultur%2Cmusik%2520%2526%2520popkultur%2520-%2520alternative%2520indie%2520%2526%2Cbusiness%2520%2526%2520news%2Cnetpoint-rotation%2Ctechnik%2520%2526%2520kommunikation%26main_size%3D728x90%26bannertyp%3Dstandards%26amznbid%3D2%26amznp%3D2%26nphb_m%3D0%26nphb_format%3Dbanner%26nphb_source%3Dclient%26nphb_size%3D728x90%26nphb_adid%3D38cd12a5215165e%26nphb_bidder%3Dyieldlab%26nphb_pb%3D0.08%26nphb_dealId%3D959800%26nphb_sf%3D0%26nphb_dif%3D1.2%7CnpAdcuid%3D5094664%26Whitelists%3D54679%2C54679%2C53886%2C47146%2C48111%2C41060%2C48798%2C52944%26bannertyp%3Dstandards%2Cbillboard%2Cbillboard970%26Blacklists%3D53704%2C53708%2C53700%2C53701%26Channel%3Dbusiness%2Cmusik%2520%2526%2520popkultur%2Cmusik%2520%2526%2520popkultur%2520-%2520alternative%2520indie%2520%2526%2Cbusiness%2520%2526%2520news%2Cnetpoint-rotation%2Ctechnik%2520%2526%2520kommunikation%26main_size%3D900x300%26amznbid%3D2%26amznp%3D2%26nphb_m%3D0%26nphb_format%3Dbanner%26nphb_source%3Dclient%26nphb_size%3D970x250%26nphb_adid%3D40fa9b3c21b010b%26nphb_bidder%3Drubicon%26nphb_pb%3D0.07%26nphb_sf%3D1%26nphb_dif%3D1.25&eri=1&cust_params=dvc%3Dd%26seite%3Dhome%26sw%3D500%252C600%252C700%252C800%252C900%252C1000%252C1100%252C1200%252C1300%252C1400%252C1500%252C1600%26pub%3D%26site%3D%26g%3D%26l%3D%26cat%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1602772440&dt=1633865622545&dlt=1633865620421&idt=2081&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C450&adys=-9%2C244&adks=373414224%2C389164278&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.logicuser.de%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C987x238&msz=0x-1%7C985x0&ga_vid=128865425.1633865623&ga_sid=1633865623&ga_hid=1891377380&ga_fc=false&fws=2%2C0&ohw=0%2C0&btvi=-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a03f3d879c623a91bdf27d66841986aa8ceda1069a55936905bf1e6c3cd3d141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38436
x-xss-protection
0
google-lineitem-id
5206484372,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138291944235,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.logicuser.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B7AA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.logicuser.de/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 10 Oct 2021 11:33:42 GMT
expires
Mon, 10 Oct 2022 11:33:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
syncframe
gum.criteo.com/ Frame 2977 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.logicuser.de
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.logicuser.de
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.logicuser.de/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1454
set-cookie
uid=c9a2aad4-fb1f-4a9c-9c07-da23dc9798c4; expires=Fri, 04 Nov 2022 11:33:42 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sun, 10 Oct 2021 11:33:42 GMT
content-length
4683
sid
mug.criteo.com/ Frame 2977
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=logicuser.de&sn=ChromeSyncframe&so=0&topUrl=www.logicuser.de&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=KsUdKHwxTllha1hoZHA5SXBQYnZzRG85aUNIZVNyNzI2WTVzWlZJSWJZUENCSzlXY1V3MmZQL2tzNzIvcXl0cFkreTdlTkIxb3Jyb2RlUFRKTXE4UXFNenU5dW9jWkJqb1VzYUdPeDVKYVFBSndXRWxsdjlka1I0WnZ1L2...
428 B
624 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=KsUdKHwxTllha1hoZHA5SXBQYnZzRG85aUNIZVNyNzI2WTVzWlZJSWJZUENCSzlXY1V3MmZQL2tzNzIvcXl0cFkreTdlTkIxb3Jyb2RlUFRKTXE4UXFNenU5dW9jWkJqb1VzYUdPeDVKYVFBSndXRWxsdjlka1I0WnZ1L2w5SFN4cWFQM093cVFmUnM4UGVOMHpRM1B5bTA1Y1krczB0dVJvSHU1ZWZIM256UWVGUUNzMzY3NmlFZ1Y3YzB6alBhMHUrVjUxM203RHBtdW5HMkxiNU5tSi8rN3lvUUxncmZmVWVwNUNjWGZqQk5rOHFWaC9peFFzMit1cmNITkdqMkJPRWc1dlVQbmVycU90RThINUUvNXJzbzdSZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
47a6959bed8cd9b0ea79e5e85a83eea9438088e47e0d50124543b4d22bbc75af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 10 Oct 2021 11:33:42 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2225
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 10 Oct 2021 11:33:42 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=KsUdKHwxTllha1hoZHA5SXBQYnZzRG85aUNIZVNyNzI2WTVzWlZJSWJZUENCSzlXY1V3MmZQL2tzNzIvcXl0cFkreTdlTkIxb3Jyb2RlUFRKTXE4UXFNenU5dW9jWkJqb1VzYUdPeDVKYVFBSndXRWxsdjlka1I0WnZ1L2w5SFN4cWFQM093cVFmUnM4UGVOMHpRM1B5bTA1Y1krczB0dVJvSHU1ZWZIM256UWVGUUNzMzY3NmlFZ1Y3YzB6alBhMHUrVjUxM203RHBtdW5HMkxiNU5tSi8rN3lvUUxncmZmVWVwNUNjWGZqQk5rOHFWaC9peFFzMit1cmNITkdqMkJPRWc1dlVQbmVycU90RThINUUvNXJzbzdSZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1783
content-length
541
expires
0
container.html
43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 641A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.logicuser.de/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 10 Oct 2021 11:33:42 GMT
expires
Mon, 10 Oct 2022 11:33:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
api.assertcom.de/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Requested by
Host: ubn3k2x9bfd2yw3n3.ay.delivery
URL: https://ubn3k2x9bfd2yw3n3.ay.delivery/client-v2.3.0-to-que-start.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.62.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.62.201.195.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
server
nginx/1.16.1
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, private, no-transform
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100502&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78980c8127095caedd48a198e994209da673dcafcdad302adb313ec3e9aa9bd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 11:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8543
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100502.js?31063056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 10 Oct 2021 11:33:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BF8E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.logicuser.de/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 10 Oct 2021 09:34:42 GMT
expires
Mon, 10 Oct 2022 09:34:42 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7141
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1A31 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a071c13498003831e9f49f719dbec84c9625bf8b3b0c3fd87953d6df991d353
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OJELJiSZ6BDWMfBIrLWV/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.logicuser.de/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 10 Oct 2021 11:33:43 GMT
date
Sun, 10 Oct 2021 11:33:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-OJELJiSZ6BDWMfBIrLWV/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 1A31 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100502&jk=783628202379948&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 432D 		624 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKjj2bIBMAE&v=APEucNWql0edPY_Pf6CejlXE_-Fy04j46Yc-hT6Oj5GVcO6sW_fcAM_CY8z8vf8bvCkZLDyRjj-dpx_7c4rARoOaLNda3Eje9keCVhZI6iXBNYiqs86hUGgWeQO4sVWZcH1ZeV3YSDyjGqcRKUSGyRiM9sfqdN5yGnV63oLSnbybrXgu6hRdhO4
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKjj2bIBMAE&v=APEucNWql0edPY_Pf6CejlXE_-Fy04j46Yc-hT6Oj5GVcO6sW_fcAM_CY8z8vf8bvCkZLDyRjj-dpx_7c4rARoOaLNda3Eje9keCVhZI6iXBNYiqs86hUGgWeQO4sVWZcH1ZeV3YSDyjGqcRKUSGyRiM9sfqdN5yGnV63oLSnbybrXgu6hRdhO4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnJx8Svu4aFQV4gk0Y4pU-5oWAwvkNOjJ8I6kFwMoqvOIhwl7OZOByZMW4cwKI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 10 Oct 2021 11:33:43 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 641A 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
Origin
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 15:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Oct 2021 15:01:58 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/elements/html/ Frame 641A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 10:58:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2631
x-xss-protection
0
server
cafe
etag
10983085961369067521
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 10:58:34 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame 641A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite_fy2019.js
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 10:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 10:50:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 641A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzaCO_SC2Cl6DP5jvnTADdTB4VMVM45WGBYzVgca205wok-ZDjx9qxkjyhFzCm0DU6SKiboP_9KVpl7KjCSVK_VuZ27fkDjKkUvHT1Ii9tGTmQsnU
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 641A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 11:31:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 641A 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547226118934"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Oct 2021 11:33:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 641A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6219
x-xss-protection
0
server
cafe
etag
4041254270185007295
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 11:29:21 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 641A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 14:33:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 07 Oct 2022 14:33:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B451 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 10 Oct 2021 08:58:57 GMT
expires
Mon, 11 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
9286
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame B451
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENm0e4ArQIBqhw4_3yxzqpY&google_push=AYg5qPKoMcKwS7yB9fNWIE2morRa4wS4ALyiU1-FJJyR_bkxukUmGpCL8U...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENm0e4ArQIBqhw4_3yxzqpY&google_push=AYg5qPKoMcKwS7yB9fNWIE2morRa4wS4ALyiU1-FJJyR_bkxukUmGpCL8UpWtoM9THjPpzeNH_DAI1y1TK6vux63PuxniKb9TQoM
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1633865624.512619,VS0,VE92
x-served-by
cache-fra19166-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENm0e4ArQIBqhw4_3yxzqpY&google_push=AYg5qPKoMcKwS7yB9fNWIE2morRa4wS4ALyiU1-FJJyR_bkxukUmGpCL8UpWtoM9THjPpzeNH_DAI1y1TK6vux63PuxniKb9TQoM
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame B451
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPYTQf37jfBPNfag05rwUSk&google_cver=1&google_push=AYg5qPKS552Z7HL7MMCr9aG_erpyW-pGwy04_syLHkJujPsmxKG93gZ8ylV79k3ULeymgmhryD1d6-Ge6-hyznVflNrSaenMaXOn
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F02507DB263F42229A810C6A14CF4B09&google_push=AYg5qPKS552Z7HL7MMCr9aG_erpyW-pGwy04_syLHkJujPsmxKG93gZ8ylV79k3ULeymgmhryD1d6-Ge6-hyznV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F02507DB263F42229A810C6A14CF4B09&google_push=AYg5qPKS552Z7HL7MMCr9aG_erpyW-pGwy04_syLHkJujPsmxKG93gZ8ylV79k3ULeymgmhryD1d6-Ge6-hyznVflNrSaenMaXOn
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Oct 2021 11:33:43 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F02507DB263F42229A810C6A14CF4B09&google_push=AYg5qPKS552Z7HL7MMCr9aG_erpyW-pGwy04_syLHkJujPsmxKG93gZ8ylV79k3ULeymgmhryD1d6-Ge6-hyznVflNrSaenMaXOn
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 09 Oct 2021 11:33:43 GMT
pixel
cm.g.doubleclick.net/ Frame B451
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDToOQJLkNmx2wOVYv7hWYU&google_cver=1&google_push=AYg5qPJXitCkrZhTF4ffXNADP4ArRMyTnxCv-KmObMk7qH9ZHBJ_Ap_eKXFKHU9kIx2qrz5KpXdiC4Q3uixLkR...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzM5OTQxNjg1NTEzMjMwMQ%3D%3D&google_push=AYg5qPJXitCkrZhTF4ffXNADP4ArRMyTnxCv-KmObMk7qH9ZHBJ_Ap_eKXFKHU9kIx2qrz5KpXdiC4Q3uixLkRdBtP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzM5OTQxNjg1NTEzMjMwMQ%3D%3D&google_push=AYg5qPJXitCkrZhTF4ffXNADP4ArRMyTnxCv-KmObMk7qH9ZHBJ_Ap_eKXFKHU9kIx2qrz5KpXdiC4Q3uixLkRdBtP669snX53c
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzM5OTQxNjg1NTEzMjMwMQ%3D%3D&google_push=AYg5qPJXitCkrZhTF4ffXNADP4ArRMyTnxCv-KmObMk7qH9ZHBJ_Ap_eKXFKHU9kIx2qrz5KpXdiC4Q3uixLkRdBtP669snX53c
Date
Sun, 10 Oct 2021 11:33:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame B451
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMA4qMYlzh0NavVbos0qwNM&google_cver=1&google_push=AYg5qPK32swzC2yLLAjudO8ZxivA9IH8UUpR495VLhjy_hbV4TF2X8qe_Md2a...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMA4qMYlzh0NavVbos0qwNM&google_cver=1&google_push=AYg5qPK32swzC2yLLAjudO8ZxivA9IH8UUpR495VLhjy_hbV4TF2X8qe_Md2a...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=tBux9ghCph4L668RAiNsDQ&google_push=AYg5qPK32swzC2yLLAjudO8ZxivA9IH8UUpR495VLhjy_hbV4TF2X8qe_Md2a6Rn-ixrkJgmKcO2mMDfX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=tBux9ghCph4L668RAiNsDQ&google_push=AYg5qPK32swzC2yLLAjudO8ZxivA9IH8UUpR495VLhjy_hbV4TF2X8qe_Md2a6Rn-ixrkJgmKcO2mMDfXhVu_rLIzjUu03khc1JL
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 10 Oct 2021 11:33:43 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=tBux9ghCph4L668RAiNsDQ&google_push=AYg5qPK32swzC2yLLAjudO8ZxivA9IH8UUpR495VLhjy_hbV4TF2X8qe_Md2a6Rn-ixrkJgmKcO2mMDfXhVu_rLIzjUu03khc1JL
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
238
pixel
cm.g.doubleclick.net/ Frame B451
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMHTCdWbCMnC7v1SRd7gJ9A&google_cver=1&google_push=AYg5qPKZ5H1xc27DkiItsnrpe9PRbLOopGV3Jd4EjNCVSiYbxZQhIZ6QATeFCvArzPoU_NpDLocxTSYpJOrAiNLFxClCOzf...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMHTCdWbCMnC7v1SRd7gJ9A&google_cver=1&google_push=AYg5qPKZ5H1xc27DkiItsnrpe9PRbLOopGV3Jd4EjNCVSiYbxZQhIZ6QATeFCvArzPoU_NpDLocxTSYpJOrAiNLFxClCO...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKZ5H1xc27DkiItsnrpe9PRbLOopGV3Jd4EjNCVSiYbxZQhIZ6QATeFCvArzPoU_NpDLocxTSYpJOrAiNLFxClCOzf034I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKZ5H1xc27DkiItsnrpe9PRbLOopGV3Jd4EjNCVSiYbxZQhIZ6QATeFCvArzPoU_NpDLocxTSYpJOrAiNLFxClCOzf034I
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKZ5H1xc27DkiItsnrpe9PRbLOopGV3Jd4EjNCVSiYbxZQhIZ6QATeFCvArzPoU_NpDLocxTSYpJOrAiNLFxClCOzf034I
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame B451
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MFZvHki6QzuwoIW8NMLanQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MFZvHki6QzuwoIW8NMLanQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL_HCZZBBe2jN0Wji8FimJJcA_U1Sd4RuXxBZSk-w-WkyMi4BpleE1BDEPoNVsK8jUwvkfdlXbyECmDTgLYI-jdWRJvtz8r
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MFZvHki6QzuwoIW8NMLanQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL_HCZZBBe2jN0Wji8FimJJcA_U1Sd4RuXxBZSk-w-WkyMi4BpleE1BDEPoNVsK8jUwvkfdlXbyECmDTgLYI-jdWRJvtz8r
date
Sun, 10 Oct 2021 11:33:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
dot.gif
s0.2mdn.net/ Frame B451 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMxr_8-NK0-y7erH7zpLG3s&google_cver=1&google_push=AYg5qPJWPI7AsCbMmaTXS6va1d_T5Mytc5C4Ool_5hFc-VD4XEa5ebnlUF9UtyQn2sfZq2L5K0ykElDJ8HeIrM3i5wkDVPlzEivcOw
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Oct 2021 11:33:43 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B451 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KG59O1wsk6_V2OkCBnfXCT4Y55dQcAuNLYBgZxxjSDDrVZEwdZas09sMXp72uDBkYjoCI8TA
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rum
dsum-sec.casalemedia.com/ Frame 432D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECCFtPuf_v2xgfUfbVQ9w8c&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECCFtPuf_v2xgfUfbVQ9w8c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKjj2bIBMAE&v=APEucNWql0edPY_Pf6CejlXE_-Fy04j46Yc-hT6Oj5GVcO6sW_fcAM_CY8z8vf8bvCkZLDyRjj-dpx_7c4rARoOaLNda3Eje9keCVhZI6iXBNYiqs86hUGgWeQO4sVWZcH1ZeV3YSDyjGqcRKUSGyRiM9sfqdN5yGnV63oLSnbybrXgu6hRdhO4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 10 Oct 2021 11:33:43 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECCFtPuf_v2xgfUfbVQ9w8c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 432D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWLPlCstr60WuSevT2FqlAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECCFtPuf_v2xgfUfbVQ9w8c&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECCFtPuf_v2xgfUfbVQ9w8c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKjj2bIBMAE&v=APEucNWql0edPY_Pf6CejlXE_-Fy04j46Yc-hT6Oj5GVcO6sW_fcAM_CY8z8vf8bvCkZLDyRjj-dpx_7c4rARoOaLNda3Eje9keCVhZI6iXBNYiqs86hUGgWeQO4sVWZcH1ZeV3YSDyjGqcRKUSGyRiM9sfqdN5yGnV63oLSnbybrXgu6hRdhO4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 10 Oct 2021 11:33:43 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECCFtPuf_v2xgfUfbVQ9w8c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 432D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ7vkC_3VKLKjL0CCKDBTPk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ7vkC_3VKLKjL0CCKDBTPk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKjj2bIBMAE&v=APEucNWql0edPY_Pf6CejlXE_-Fy04j46Yc-hT6Oj5GVcO6sW_fcAM_CY8z8vf8bvCkZLDyRjj-dpx_7c4rARoOaLNda3Eje9keCVhZI6iXBNYiqs86hUGgWeQO4sVWZcH1ZeV3YSDyjGqcRKUSGyRiM9sfqdN5yGnV63oLSnbybrXgu6hRdhO4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:43 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
417e58d4-9715-4b82-bf21-ed9d021983f4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ7vkC_3VKLKjL0CCKDBTPk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 432D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTQxOTUzODg2MzYyNzkzMzg2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTQxOTUzODg2MzYyNzkzMzg2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGKjj2bIBMAE&v=APEucNWql0edPY_Pf6CejlXE_-Fy04j46Yc-hT6Oj5GVcO6sW_fcAM_CY8z8vf8bvCkZLDyRjj-dpx_7c4rARoOaLNda3Eje9keCVhZI6iXBNYiqs86hUGgWeQO4sVWZcH1ZeV3YSDyjGqcRKUSGyRiM9sfqdN5yGnV63oLSnbybrXgu6hRdhO4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:43 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6318ee27-4177-426b-a2b2-c8b99aa5b312
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTQxOTUzODg2MzYyNzkzMzg2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/ Frame EB20 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3029e2dd401c3602d5998ba48444bc0f537b9176531b1c555b05a47b8bf3eaea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
1642
date
Sun, 03 Oct 2021 14:23:16 GMT
expires
Mon, 03 Oct 2022 14:23:16 GMT
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
594627
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 641A 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvz8-AsrF5CjiAbPSW00qm7vPcO0q1wlxurent917KGjwLIJ8KzdUH69plY0QSKjVkx41M6EmS0cYNHhk1LTKcn9mlq6AeGHZWamzIN16oDkdrYIuMJjGwxG4C3fhUhaP7k6E9rcHvO1VH2T0jB0-r8_F1KO6Z1aZ1t_valh_tcZFdatoNB5S6Bjo7WWAul6JZdvdiTRRqOaUgaCpWF6omKPOt5ar3FTZ2WjhgSPKzctGNDi9y-UJ_Sgak0ldo63C_KZARGGZ8_vhDHr55H3wTrA77wSZKPD7nnvSbhEx5YAeAeew9ApLQn1wzYgxhJEG6nUeOy_HeLwXK5PKIJD5mfnxE6-Kky_8FiKRYhKXKcnMRQN8MNKXBFwPVqG5sePIY1TQ8itYVE63nRrizprwxRWTHnryTrQ4b79AFBZEgAgeVWTX8An7mTlO-TQFOm8SsUbSXOgcc7qsBVONQWYBEaZ4XTUEXYWly39o46iCSDY0y5drgflIETNWlpmb5lpiauGFQH1QHtx9KkFBzJmyxcTjzg9BgsharptWU5xU8sF5hmmDLNyODUpn3mYkkE0nD-ioc24ESgLzfSY-uRyRYrX2__VmJyRpFldllcwX53ftr4zd6kCry5nVxL5iLIgLSPasO2qX-e72diiQBnRlCIZbRwfEvpCv4y8HZj3_0oI7U0_BInb5cAmSEX6EOcTL7eNzjXTIbo1VQ3REK1OVB84VW1Jsv20xsOJR6fv5F6xnI89esWWSANxblie5lhUbw5kGTHtRhtUjFa4LLvTA5xffuVsBabUYu9GzH3VgsuWR75jLTrWP88bgWJqFDtRnzNCeAixWyNLpM0gkxPljHkQ5Kp87jVXwQrUCS3-TomltiVa8-yyInph8zfQjPI9kdSY-siAdpYGGgHRHWnqMmxAeoWKymtTT781EeiF64ui2gma5j0OswtG6vWDrXYwNplW6Z46DRWmOae2X9VerKrwssfZ2udNkhPPH6d46uJKXax3dkffQkP7XE9EJNWB0qXTja4KSkbPEEWLZmsEW4ykAX74rYUD3Eh5Aq2mURN_UsVwtcW5y0RtvV7hlkV7FmDgV0ZA8t5YoCJZEbliLQkoUcQXsJtvR-3FoVL69kuEVSBAD_8ZP4_YTB_8gqaNXZ0srqKi2dF9LZPv3-jhJLgbNrlDn9NDdrqFr_D9ypz44mIy0ClpimWZgso5-x62FcaayPGn6_awFiF0k8ZhGip1FRL19K1AzPvcMvnwrRZ2yWZfKE9XsTqkxpWOk2Ln6wFhtAkrb0DyYK65rSentQas5eoiuBD7Qqs_g&sai=AMfl-YQIzKmWiu2dsVDdr1yio_YyJiVOYHqb_gMk20dLQgb6tGdMWh3XMThL23Lb04W8YjbLZXgml7cuK6UNXjIxjvBBsHKm5CDcK-wjjOGALX_YfNrqInXPnHBVJf0BNMpH0FeMkeeW7FFUV0R8F5S-O8A9jMRlrxBtGSdMgMtKQEtF4b55G2yVf9tlPzeHC-3-Z9e_vOgFqhpIA_k6HaEpEQUiu3CshM0WAzHAOP0Od_1xMoMz8FxkSBokOaapm9vatRgZIbmJmrW2UWDAVzJtEvbMeCdW_IYRrhPbWvNY-oy6Udsz8fg&sig=Cg0ArKJSzMYy5d0lwkmFEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=78&cbvp=1&cstd=74&cisv=r20211006.99752&adurl=
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 10 Oct 2021 11:33:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 641A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
055166c77ec652ff324c8588682a93d6a54250c4be542d34ae04fe9f9bbfb78e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2409 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Thu, 07 Oct 2021 14:33:17 GMT
expires
Fri, 07 Oct 2022 14:33:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
248426
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame BF8E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 15:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
72719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 09 Oct 2022 15:21:44 GMT
EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
pagead2.googlesyndication.com/bg/ Frame 2409 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
88097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 09 Oct 2022 11:05:26 GMT
pre.min.js
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/js/ Frame EB20 		665 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/js/pre.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a488b6eec146cd55817197d2524099ba4a7280fddcc9277418a7bb17ecd537a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 20:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
573518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
350
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Oct 2022 20:15:05 GMT
bg.jpg
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/ Frame EB20 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ef291924d59c07e1575784fb7e85c73d25ee2b75af34eef04a43ac45164f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 08:52:23 GMT
x-content-type-options
nosniff
age
441680
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
174687
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 08:52:23 GMT
overlay.svg
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/ Frame EB20 		593 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/overlay.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5ef730972a4f7322c727a471d59ac6fbc3f4ea030aece254f2e7a895c427325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 04:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 04:29:54 GMT
stoerer.svg
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/ Frame EB20 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/stoerer.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83de99253f44b54cf3bf1ed5b373314a70e12c5626f1ca5a79b7b849684d431b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 04:38:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543316
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1835
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 04:38:27 GMT
headline.svg
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/ Frame EB20 		27 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/headline.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a9e8eed14cc84d68ddd139202028c66846ab7a24cf09b118e57d660e3696be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 06:41:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5234
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Oct 2022 06:41:45 GMT
cta.svg
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/ Frame EB20 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/cta.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3df5d7bcc9ee85240a593d7a896b3546695fa0e7252c5f67fc920da24b60b381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 13:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164748
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2163
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 08 Oct 2022 13:47:55 GMT
siegel-1.png
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/ Frame EB20 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/siegel-1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c89ebf8b923c3af7ab458913ebd36b3e3f40387de2d9314d9a170b2aa46e02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 09:15:19 GMT
x-content-type-options
nosniff
age
267504
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8461
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 07 Oct 2022 09:15:19 GMT
siegel-2.png
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/ Frame EB20 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/siegel-2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c8563083b9355682acd59692a6a0a3819a2b819ecb275ac8c2a0fcdf4ee0188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 10:23:34 GMT
x-content-type-options
nosniff
age
177009
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6834
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 08 Oct 2022 10:23:34 GMT
logo.svg
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/ Frame EB20 		1 KB
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/images/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60576232472f68d95df1af2c82ccb71bd4a30e26d6ce0202d3df5449d9a1727b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 08:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441680
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
531
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 08:52:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100502&jk=783628202379948&bg=!W1ilWBzNAAbGFvHlxhY7ACkAdvg8WruYsF2DCgy8WlioGgHRHfXBtIGuyWZbwsvsljYhBqf1Ewe3aQIAAADcUgAAABRoAQcKABbkaDvXGxSdcd3xkAaGzhkPkFI6kuNmmQLP87Yt7SYNZKUnUSZ41RAl8Ksni-nWM16GNiucAYMkHHm2g1q8CQI46hJpIUi5PBcZ8HbrMh3mEXnynCj7RjaV6InpB4t0emikjLtgODpR7gtaLrmAGcG7ILR-owUdnDDfFmRbetoGPAeGeUt8t6Q7BYVMgl9_i3V4K1jpaAZpe4dJXa6DL7Nf98t_n-gHk2UdXDaMF55uSMtIpUCYZmGpEYgk2WpmYsCNRDeFVBFXUqQ1mDFVUeAlwkc9b4otDHirswuFP5KO-1zEQdg3XtaBkZvzBtXl5dBka-nvRz8xVJyR9jrpiuiASB6c4kM5uWkMSedwuVsJxK1Md80PFl8v02137x69WuUTl-JMEsRSbhcrhB2m1VOJwR_bVGQM2JTEg1mr3jBReiT0OyBFJqSEm2055TUU4WM_x_ZnJqqRpbq2KsdXKY0VPyXeJVYqRQE-i8LHbfbnf2z403BwKztwR5dsWuR8mcDBpl-SHgzXr9WK8p3kTWL0bfD3tK351hw6lyc4q3KU-ByRkoM6w2bWSS0Aun81IkrHnRL7YdNn7AVcY07rtQEMuyP8m_WzwJfRcyf7GIfWJy9cminZnGsB3DNW0Z1uLD2wAEEOaHY3ldKCaYU_2qgFlrues0EVFvYtxYX862AUp8LODv1ibs3tJjRepldUIlZcBiXUE8uKaaveqR2clQIZAFJiqfvdwJY5B5DBuk1VctMNzqdVJ48Nqt8-URrgWJdX7SQ3BI6TQrCZ0eyB3tc7SPtXt9dQGm3fZyiSc-l8Xry_JKaFVH0AFbr0utI6uvxWu-7FNfk5P-7k_cP_L-kPqKk8viJRIA9oOXPTikDPG-XiaLDQYfYXmtc8Zxu1YknYxeMBNFKe7dF75PRClcWIlYj84m6ToJg3av6zYJkXuEb0EVrcj8K5dw0WG0Y9l_P456z42eOtnpzdcBEL8GEJmc0-r9xmBKo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2409 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5lpSls9iYZ65JMXV3wOktYfQAwAAAAA4AeAEAg&bg=!tLelt_PNAAbGFvHlxhY7ACkAdvg8WmITNHlAgJirOMdtTR2KqVkjGjUotPhKFeWaY3sUV-3IOr3L8gIAAADEUgAAAA1oAQeZAw4bCThH2_2FbH0j_hK7L4iPOW_XPpTp3qlLE6KP1UU4EUO0fLMVTWwYrrcUlkdi96xV_r5J0adnpEfauUpXowMvWULRC_IZ56EF8A1V247k9_i_tgrGNzJbsuXhbUiU1B6vvYKAHGiG8UqgE1S9lEUQjk-LGf2crPB0C6BbLSY25s8GrcJ8ZOhTURiRYJr32UPzsiHF578CxOiFGnyxoNaC8kymuiVZDM3uRJGaLf600dzDPhhOW1NEJ-VJv8bSDOjsvuO21hZZReYQuLoUokqTyw3mPCg1XCgbjUA34LNYbmuVuP7hxZIlTdFUae40CM8rzuJeuiOqzJmbZHabFtqle7VzWno6MmQLfQP0xDlSsia5Z60_TP3x9LsdGkYGyOX2noUazc4CHX1cLQn2Lryir_WLxr_RUrkJcgELnHsS2WtbD5-YUIPSZop6EtD9_g0Fmw8rXU_4AGrEou8qT9rR7I3gGE_vv5vrdimmjDaw5XpwKYs5Ywm0zJSd1IAUYQxqTIWFeL_wpxULcUGKQ8vUfRc77RH9fQDHzilexRJdF2sCwm6HfO_bgOmr6rtoWRbZrVMZbyUwa-pd7d0WNn7BiiAJ7tClR1eoW6_Lj5LCJpkTztAZpKaeRfUW5qMmahZP7h83Yk1Gko8Jr20kht9vfAgwXNXTBb1jMHFuLN4ZvO4x7LDigQMhBailvHqrjk_gCxd6HOOWFkpOeqH3MR1E_LSTCox1gmQhBRR1sJ9FGFDINxVayMFyhdNzig2RgChoMY0nyKxDLF8OL8W50sXsJFj28xZ5Pp99KyjWqRCY8LtVtTQVTR_5EDWrFZuDzwX6NQasOZW91I3lww5AWRqbkWRLNTaoQ2QQoHdYqtgdz_pVyyDPzQFxYVKsmZUZRkbeCRmHk3gulu2eHA4AbfdLx3qIcqFeq2KC77ojg2Z728w6EFrbI8rB2ZVT4Ies_LezVqtW367iteGRC0uKEFOq-lJCGKAfDlhAbl7yLLj6c3uc-QVguNMiUmaNNnMkMHR7hpkUaX_Gy8hnErO7Rw
Requested by
Host: 43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
URL: https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.css
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/css/ Frame EB20 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/css/main.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/js/pre.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c99062b246eea15ea837a3d4a2c955658fc82db62afd98be86dcd23143b997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 22:05:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566892
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1475
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Oct 2022 22:05:31 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame EB20 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/js/pre.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Oct 2021 11:33:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 641A 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvz8-AsrF5CjiAbPSW00qm7vPcO0q1wlxurent917KGjwLIJ8KzdUH69plY0QSKjVkx41M6EmS0cYNHhk1LTKcn9mlq6AeGHZWamzIN16oDkdrYIuMJjGwxG4C3fhUhaP7k6E9rcHvO1VH2T0jB0-r8_F1KO6Z1aZ1t_valh_tcZFdatoNB5S6Bjo7WWAul6JZdvdiTRRqOaUgaCpWF6omKPOt5ar3FTZ2WjhgSPKzctGNDi9y-UJ_Sgak0ldo63C_KZARGGZ8_vhDHr55H3wTrA77wSZKPD7nnvSbhEx5YAeAeew9ApLQn1wzYgxhJEG6nUeOy_HeLwXK5PKIJD5mfnxE6-Kky_8FiKRYhKXKcnMRQN8MNKXBFwPVqG5sePIY1TQ8itYVE63nRrizprwxRWTHnryTrQ4b79AFBZEgAgeVWTX8An7mTlO-TQFOm8SsUbSXOgcc7qsBVONQWYBEaZ4XTUEXYWly39o46iCSDY0y5drgflIETNWlpmb5lpiauGFQH1QHtx9KkFBzJmyxcTjzg9BgsharptWU5xU8sF5hmmDLNyODUpn3mYkkE0nD-ioc24ESgLzfSY-uRyRYrX2__VmJyRpFldllcwX53ftr4zd6kCry5nVxL5iLIgLSPasO2qX-e72diiQBnRlCIZbRwfEvpCv4y8HZj3_0oI7U0_BInb5cAmSEX6EOcTL7eNzjXTIbo1VQ3REK1OVB84VW1Jsv20xsOJR6fv5F6xnI89esWWSANxblie5lhUbw5kGTHtRhtUjFa4LLvTA5xffuVsBabUYu9GzH3VgsuWR75jLTrWP88bgWJqFDtRnzNCeAixWyNLpM0gkxPljHkQ5Kp87jVXwQrUCS3-TomltiVa8-yyInph8zfQjPI9kdSY-siAdpYGGgHRHWnqMmxAeoWKymtTT781EeiF64ui2gma5j0OswtG6vWDrXYwNplW6Z46DRWmOae2X9VerKrwssfZ2udNkhPPH6d46uJKXax3dkffQkP7XE9EJNWB0qXTja4KSkbPEEWLZmsEW4ykAX74rYUD3Eh5Aq2mURN_UsVwtcW5y0RtvV7hlkV7FmDgV0ZA8t5YoCJZEbliLQkoUcQXsJtvR-3FoVL69kuEVSBAD_8ZP4_YTB_8gqaNXZ0srqKi2dF9LZPv3-jhJLgbNrlDn9NDdrqFr_D9ypz44mIy0ClpimWZgso5-x62FcaayPGn6_awFiF0k8ZhGip1FRL19K1AzPvcMvnwrRZ2yWZfKE9XsTqkxpWOk2Ln6wFhtAkrb0DyYK65rSentQas5eoiuBD7Qqs_g&sai=AMfl-YQIzKmWiu2dsVDdr1yio_YyJiVOYHqb_gMk20dLQgb6tGdMWh3XMThL23Lb04W8YjbLZXgml7cuK6UNXjIxjvBBsHKm5CDcK-wjjOGALX_YfNrqInXPnHBVJf0BNMpH0FeMkeeW7FFUV0R8F5S-O8A9jMRlrxBtGSdMgMtKQEtF4b55G2yVf9tlPzeHC-3-Z9e_vOgFqhpIA_k6HaEpEQUiu3CshM0WAzHAOP0Od_1xMoMz8FxkSBokOaapm9vatRgZIbmJmrW2UWDAVzJtEvbMeCdW_IYRrhPbWvNY-oy6Udsz8fg&sig=Cg0ArKJSzMYy5d0lwkmFEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=473&vt=11&dtpt=395&dett=3&cstd=74&cisv=r20211006.99752&adurl=
Requested by
Host: www.logicuser.de
URL: https://www.logicuser.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 11:33:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
main.js
s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/js/ Frame EB20 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/js/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/assets/js/pre.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aea684946e10ea6404391b2cbfb44b1052b59ffcc1e9f04c17ba6f0e38e62c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/727434987529199256/06_Think_Phase_Billboard_Banner_Laden/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 04:34:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1721
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 04:34:54 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.logicuser.de%2F&domain=www.logicuser.de&cw=1&pbt=1&lsw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.logicuser.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.logicuser.de
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1483
date
Sun, 10 Oct 2021 11:33:43 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.logicuser.de%2F&domain=www.logicuser.de&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=IG2AnHx4NkJ6TitWTUNuNTI1KzN5VjZKRHhMMTI1L3hLTkZ1Q1dZaGtpUHVzVDdpMFZSV3pwcTE1RWJSSjllUUdXZ0k5Szd2WkNJdTRkeDNOZ2tOUFl0ei9qRlhicENaVWRMSjNnUFJyVG5yZ0RIcW50b3prZWg0V0pVUE...
411 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IG2AnHx4NkJ6TitWTUNuNTI1KzN5VjZKRHhMMTI1L3hLTkZ1Q1dZaGtpUHVzVDdpMFZSV3pwcTE1RWJSSjllUUdXZ0k5Szd2WkNJdTRkeDNOZ2tOUFl0ei9qRlhicENaVWRMSjNnUFJyVG5yZ0RIcW50b3prZWg0V0pVUEZxMFM3ajh5bnl2NmtOK092ajZLczQ3N21PejRmR1VyTmliVFFIWXpNd0k4NDBwVUk3LzQ1NlJKT2JZY0FFWnkvVlpjQmZwZnc0QlhKZ3hFQ2piSWNCaVI2OGNjUTZ3MGlDMHZ1RzJPMmR1cGR0am4yZzlmRjU2aG1MaDhpcGNmMUNXWEQwVzNXSGJFQWRIdG1nTlNWbk9ZM1h1T2d0dmhJQkFya3VtTFJPZCtrd2VmdXNNaz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
dc0dfaa49f8c72aca5efb79418aa1010ddf64333c11c864416b8e2ba1522c7dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 10 Oct 2021 11:33:43 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2383
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 10 Oct 2021 11:33:43 GMT
location
https://mug.criteo.com/sid?cpp=IG2AnHx4NkJ6TitWTUNuNTI1KzN5VjZKRHhMMTI1L3hLTkZ1Q1dZaGtpUHVzVDdpMFZSV3pwcTE1RWJSSjllUUdXZ0k5Szd2WkNJdTRkeDNOZ2tOUFl0ei9qRlhicENaVWRMSjNnUFJyVG5yZ0RIcW50b3prZWg0V0pVUEZxMFM3ajh5bnl2NmtOK092ajZLczQ3N21PejRmR1VyTmliVFFIWXpNd0k4NDBwVUk3LzQ1NlJKT2JZY0FFWnkvVlpjQmZwZnc0QlhKZ3hFQ2piSWNCaVI2OGNjUTZ3MGlDMHZ1RzJPMmR1cGR0am4yZzlmRjU2aG1MaDhpcGNmMUNXWEQwVzNXSGJFQWRIdG1nTlNWbk9ZM1h1T2d0dmhJQkFya3VtTFJPZCtrd2VmdXNNaz18&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.logicuser.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1997
content-length
567
expires
0
rid
match.adsrvr.org/track/ 		108 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=oztgoii&fmt=json
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
7f5e3bcd9943d7b56fdf5a0ac0465744e18b9510544226fe87bc36e073ffecbf

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.logicuser.de
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 09 Nov 2021 11:33:44 GMT
sync
eb2.3lift.com/ Frame D430
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
e27e876d8365b74798cdc0dd9450cc2215664cb3551c66c1fcf6133ab9f92d54

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.logicuser.de/
accept-encoding
gzip, deflate, br
cookie
tluid=10707733885485426918
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=utf-8
content-length
466
set-cookie
sync=CgoIgQIQ2tTrz8YvCgoI4gEQ2tTrz8YvCgoI5gEQ2tTrz8YvCgoIhwIQ2tTrz8YvCgkICRDa1OvPxi8KCQg6ENrU68_GLwoJCAsQ2tTrz8YvCgoIjAIQ2tTrz8YvCgoIzgEQ2tTrz8YvCgkIXxDa1OvPxi8=; Max-Age=7776000; Expires=Sat, 08 Jan 2022 11:33:44 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=10707733885485426918; Max-Age=7776000; Expires=Sat, 08 Jan 2022 11:33:44 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-length
0
set-cookie
tluid=10707733885485426918; Max-Age=7776000; Expires=Sat, 08 Jan 2022 11:33:44 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
csync.smilewanted.com/ Frame 54FF 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e61b3c8130d4175be823e3ffd547d878bec17f1a76d75ab67adac8865ab6465d

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.logicuser.de/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZgdR9S8bMAUujK3i%2FqIbbtBCJa%2BuNOOvAZpVwV6lreS6YF5dZ35m6XxeVJD6ABnZQmpcAEYN2hTeM9VO%2FJbFKOlvwCVfY85GicbMKZEo22aJVzfONzP7Ccr4yGQ5wECAIT3cjIPRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69bf8916ab0a4e80-FRA
content-encoding
br
check.html
biddr.brealtime.com/ Frame B468 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.logicuser.de/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

Date
Sun, 10 Oct 2021 11:33:44 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
Dt294QpawtNR10fmt04i/E9z//OMSi9w/VEk3jrbZgYkkUJUkpy+PD6nufgStLb0aV63ozhzeoQ=
x-amz-request-id
HWSTNQVGK70Z6EFW
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
1328
Expires
Sun, 10 Oct 2021 11:34:44 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
69bf8916dfea6964-FRA
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 7C63 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.logicuser.de/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxp8CPrzPAh1r4P5OmjjR8TyZL2OieOkSHO3tj2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GKFAIiqgWpDr9WOsX4JPWMcjCRbro=; khaos=KUL5ELKZ-Z-HOQ6; audit=1|hLZGFuTafB0ah313K/aWGeMH05QULE/jV/G9Z/GRzTwqxomP/o7qYuxPefmE2tIOdsI1AHJSBLFuAMeMVbPMxSYbB5SW5XQ3aoq6YbuNx6I=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Oct 2021 11:33:44 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame A321 		668 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a3af9f39-79a3-485f-937a-5e98dbcd0d22&gdpr=1
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
c2ff493e3180acde0e65d9f87a4da7c47605c52d7c6184fa0ba428af23c5db0f

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=a3af9f39-79a3-485f-937a-5e98dbcd0d22&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.logicuser.de/
accept-encoding
gzip, deflate, br
cookie
i=5f259d36-1d0f-0b18-1e77-543977431323|1633865620
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=5f259d36-1d0f-0b18-1e77-543977431323|1633865620; Version=1; Expires=Mon, 10-Oct-2022 11:33:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1633865624|gekin0vNiygu; Version=1; Expires=Mon, 25-Oct-2021 11:33:44 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame A66F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.netpoint-media.de
URL: https://cdn.netpoint-media.de/static/prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.logicuser.de/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=941953886362793386; uids=eyJ0ZW1wVUlEcyI6eyJ5aWVsZGxhYiI6eyJ1aWQiOiIwMTM4ZDYzNy1jNDE0LTQyY2YtOGUwMi00NGU0NDUxMGUxMGMiLCJleHBpcmVzIjoiMjAyMi0wMS0wOFQxMTozMzo0MFoifX0sImJpcnRoZGF5IjoiMjAyMS0xMC0xMFQxMTozMzo0MFoifQ==; anj=dTM7k!M4/QCxrEQF']wIg2GTtmrD+`!]td08i_iqf!oN/@E'zz<*Z0Q3GzNhpFU$DHbjJ!-x91lHatA8N<Fk%tAQ[k/X%W#.wLO'6/70Aa8[pJRDj(TR9UP2=fof@=tT:fJAlF#R0'hk?KFm^'4U5I'Ccrq8pKiK@'s>TJ2c@/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 10 Oct 2021 11:33:44 GMT
Age
23079
X-Served-By
cache-lga21975-LGA, cache-fra19130-FRA
X-Cache
HIT, HIT
X-Cache-Hits
228128, 202775
X-Timer
S1633865625.656007,VS0,VE0
Vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IG2AnHx4NkJ6TitWTUNuNTI1KzN5VjZKRHhMMTI1L3hLTkZ1Q1dZaGtpUHVzVDdpMFZSV3pwcTE1RWJSSjllUUdXZ0k5Szd2WkNJdTRkeDNOZ2tOUFl0ei9qRlhicENaVWRMSjNnUFJyVG5yZ0RIcW50b3prZWg0V0pVUEZxMFM3ajh5bnl2NmtOK092ajZLczQ3N21PejRmR1VyTmliVFFIWXpNd0k4NDBwVUk3LzQ1NlJKT2JZY0FFWnkvVlpjQmZwZnc0QlhKZ3hFQ2piSWNCaVI2OGNjUTZ3MGlDMHZ1RzJPMmR1cGR0am4yZzlmRjU2aG1MaDhpcGNmMUNXWEQwVzNXSGJFQWRIdG1nTlNWbk9ZM1h1T2d0dmhJQkFya3VtTFJPZCtrd2VmdXNNaz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1081
date
Sun, 10 Oct 2021 11:33:43 GMT
content-encoding
gzip
vary
Accept-Encoding
sd
eu-u.openx.net/w/1.0/ Frame A321
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=745a6162-cf94-4200-bee9-52925d1cd6b2
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=745a6162-cf94-4200-bee9-52925d1cd6b2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a3af9f39-79a3-485f-937a-5e98dbcd0d22&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 10 Oct 2021 11:33:44 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=745a6162-cf94-4200-bee9-52925d1cd6b2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 10 Oct 2021 11:33:43 GMT
sd
us-u.openx.net/w/1.0/ Frame A321
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NyqaD2J9lQUsKJkKNn2BCDd5zQ8sKJwINiKy4vdB
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NyqaD2J9lQUsKJkKNn2BCDd5zQ8sKJwINiKy4vdB
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a3af9f39-79a3-485f-937a-5e98dbcd0d22&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NyqaD2J9lQUsKJkKNn2BCDd5zQ8sKJwINiKy4vdB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame A321
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5208185477574498488
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5208185477574498488
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a3af9f39-79a3-485f-937a-5e98dbcd0d22&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5208185477574498488
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame A321 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=8c89a26f-b488-34ef-44a1-9cd1136420de&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a3af9f39-79a3-485f-937a-5e98dbcd0d22&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A321 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTBlNjcxYTUtN2RmZi02YTRiLTUxNDEtYzY2OGQ5ODZlZWJl
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a3af9f39-79a3-485f-937a-5e98dbcd0d22&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A321
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYre2UuhRbYQzIKERM4oyQ&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYre2UuhRbYQzIKERM4oyQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=a3af9f39-79a3-485f-937a-5e98dbcd0d22&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYre2UuhRbYQzIKERM4oyQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7C63 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 11:33:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65995
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Mon, 11 Oct 2021 05:53:39 GMT
async_usersync
ib.adnxs.com/ Frame A66F 		0
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:44 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7b8ce5f1-f5f0-42d1-9419-d2d0ef006b7d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 54FF 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440594
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyWKjP1H6m8JP0WcPzYMX7pJb%2BOsQg6iFZlCFyUpzo%2FCWhlaBXwQpzNEmBWISTK1crhZSWKyeutWVTvsgtDjWtBuLIt8%2FMjMTxB6pZ7Ekqo%2Fum9HvcDKoYTuTRuv2iXYZP7oa4yIKMg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
69bf89177c4d4e80-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
generic
match.adsrvr.org/track/cmf/ Frame D430 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame D430
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP2bOcXJ_NW6jSNjjQGKHzE&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP2bOcXJ_NW6jSNjjQGKHzE&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP2bOcXJ_NW6jSNjjQGKHzE&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D430
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA3MDc3MzM4ODU0ODU0MjY5MTg%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA3MDc3MzM4ODU0ODU0MjY5MTg%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA3MDc3MzM4ODU0ODU0MjY5MTg%3D
date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame D430 		0
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=10707733885485426918&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 -, , ASN (),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
XWuxBCGorBYANqGOKisAAA==
xuid
eb2.3lift.com/ Frame D430
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/10707733885485426918?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-6gAU_plE2oRNoUZ5x.0IbSv98QmkvWyVTDAwryacFQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-6gAU_plE2oRNoUZ5x.0IbSv98QmkvWyVTDAwryacFQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 10 Oct 2021 11:33:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-6gAU_plE2oRNoUZ5x.0IbSv98QmkvWyVTDAwryacFQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame D430 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=10707733885485426918&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.4.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-4-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 11:33:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame D430 		42 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=10707733885485426918&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
etag
"367bb54357aad71:0"
last-modified
Wed, 15 Sep 2021 17:29:40 GMT
x-msedge-ref
Ref A: 25A80C60CE74428485D60CECE7CE2C6D Ref B: FRAEDGE1418 Ref C: 2021-10-10T11:33:44Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame D430
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=10707733885485426918
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10707733885485426918&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10707733885485426918&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BNFM0T19H896Z3NV96ZD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10707733885485426918&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D430
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame D430
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8879911698156568978&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=8879911698156568978&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=8879911698156568978&dongle=d407
pragma
no-cache
date
Sun, 10 Oct 2021 11:33:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
learn
de-gmtdmp.mookie1.com/t/v2/ 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_343&src.rand=25044602&src.id=TripleDoubleU&src.domain=www.logicuser.de&src.url=%2F&gdpr_err=NO_CMP&gdpr_consent=-1&depp=7.0.1-4-eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
175.238.186.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.logicuser.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 025F 		0
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/drop_cookie_sw.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=lRZ4%2B4BjGB75GCG4angrK8j983gbxXbcrF1oHcs7SyxLdZHUNnakn4Dy%2BcFSyho%2B6EJvzwIsCbGG6y4B1abqedjdxNOCIW3%2BA%2BYwaib8QkwcNuC18bGgvenhBeMwTtePOI7o265cvwjkVLW8D%2BruwA%3D%3D; expires=Mon, 10-Oct-2022 17:22:56 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PJjS%2F8vB1u8UZouswgH0p2lXZMJK2Se09JNwuJjezoe6H5U%2FxbR3rMg1LdmJqTwrMOe2Isq39pJCQQ8D4RFxnHUTgeJHklBi8c5g5gOTJKphyUMOWpcxdzfBdPqJMXI0lhrQ8Fn8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69bf8917ccdf4e80-FRA
content-encoding
br
440152998966965591
csync.smilewanted.com/set_partner_userid_get/smart/ Frame E880
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/440152998966965591
0
951 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/440152998966965591
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/smart/440152998966965591
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
cookie
sw_user_params_infos=nmKWvgFl19bIvOGpe2ze2hqf%2FBcuB5tBbE3RhWT%2BpURUx9VXPM5QhZBMDYXVwNivOxnItbHksXm9b6bsZPVTpQGTEoA0b5qLn31fhf98GGf7KNQ5T1DaY6MJtIhp1Pn2rHZI81To9%2Bg%2FOZOnrVvk23e%2B%2F8%2BVZPG%2BzBnzX7BqWM1yiYZ0xLGYvxOst%2FkvxVXDy5QrMxkZPap4i8z8a0zwHgn%2FICUSlSzgwm6lcUyT2Gg%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=PMSRcU4BY%2Bu7h0B1MxGtou8HeQejShMwfvUYjFIGx%2B8hv4yrd3k1CpQQpAnlCrkRXbe%2FniiUH7A%2BewDhTZGg7GsgYeCkyhCdimc9xOzQE%2FXagdVYrnJi5xbMFCNIb6FCrMj9TkqxGaY2%2BgTNHolGa5Tf0DelgIIAko0NJFOMbBDcmh1huGzcMQW%2FG5hya74jOJDoDKrcE62lIuV48JeAllHLKXmkzJbcpYQr%2FGw1eOMYVdBGSZ5EJFT%2FbbGPrsi5; expires=Mon, 10-Oct-2022 17:22:56 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKlZ4IKDlXji50WnScxi4MLK775pGLEsDsv0o0Tr6raE%2BLRnA9C8GNVTbac7juxmiCIAvRQW1QPGQyPYh7mICQmOB%2FreTWdJW%2B1iv%2BEWn3rwSfVchb67fZE4TvJPDUSb7YNnXFOrAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69bf89188dff4e80-FRA
content-encoding
br

Redirect headers

date
Sun, 10 Oct 2021 11:33:43 GMT
content-length
0
cache-control
no-cache,no-store
pragma
no-cache
location
https://csync.smilewanted.com/set_partner_userid_get/smart/440152998966965591
set-cookie
pid=440152998966965591; expires=Thu, 10 Nov 2022 11:33:44 GMT; domain=.smartadserver.com; path=/; SameSite=None; secure pdomid=20; expires=Thu, 10 Nov 2022 11:33:44 GMT; domain=.smartadserver.com; path=/; SameSite=None; secure
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tap.php
pixel.rubiconproject.com/ Frame 7C63
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWLPlwAIBq1EXAAT
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWLPlwAIBq1EXAAT
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1633865624.304262,VS0,VE0
x-served-by
cache-fra19166-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWLPlwAIBq1EXAAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 7C63
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2VlNGYxNzk3MDBiMGU5OWE1MTYwMjE0MTlhOWZkYjhiNjcyZjlhNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2VlNGYxNzk3MDBiMGU5OWE1MTYwMjE0MTlhOWZkYjhiNjcyZjlhNg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2VlNGYxNzk3MDBiMGU5OWE1MTYwMjE0MTlhOWZkYjhiNjcyZjlhNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 7C63 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 7C63
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VMNUVMS1otWi1IT1E2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VMNUVMS1otWi1IT1E2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VMNUVMS1otWi1IT1E2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7C63
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=745a6162-cf94-4200-bee9-52925d1cd6b2&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=745a6162-cf94-4200-bee9-52925d1cd6b2&expires=28
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

Date
Sun, 10 Oct 2021 11:33:44 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=745a6162-cf94-4200-bee9-52925d1cd6b2&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 10 Oct 2021 11:33:43 GMT
v1
ads.yahoo.com/cms/ Frame 7C63
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUL5ELKZ-Z-HOQ6&sigv=1&esig=2~615a889ccfc6438ba29d1c9718c480199e380fc4
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUL5ELKZ-Z-HOQ6&sigv=1&esig=2~615a889ccfc6438ba29d1c9718c480199e380fc4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUL5ELKZ-Z-HOQ6&sigv=1&esig=2~615a889ccfc6438ba29d1c9718c480199e380fc4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7C63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFDk7SbI43dwfKVa91zeZRg&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFDk7SbI43dwfKVa91zeZRg&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFDk7SbI43dwfKVa91zeZRg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 7C63 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
825265f7-2986-4d95-8b7b-f2418a4d1b16&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 4B39
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/825265f7-2986-4d95-8b7b-f2418a4d1b16&partner_id=1010
0
604 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/825265f7-2986-4d95-8b7b-f2418a4d1b16&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/improve/825265f7-2986-4d95-8b7b-f2418a4d1b16&partner_id=1010
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
cookie
sw_user_params_infos=lRZ4%2B4BjGB75GCG4angrK8j983gbxXbcrF1oHcs7SyxLdZHUNnakn4Dy%2BcFSyho%2B6EJvzwIsCbGG6y4B1abqedjdxNOCIW3%2BA%2BYwaib8QkwcNuC18bGgvenhBeMwTtePOI7o265cvwjkVLW8D%2BruwA%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=nmKWvgFl19bIvOGpe2ze2hqf%2FBcuB5tBbE3RhWT%2BpURUx9VXPM5QhZBMDYXVwNivOxnItbHksXm9b6bsZPVTpQGTEoA0b5qLn31fhf98GGf7KNQ5T1DaY6MJtIhp1Pn2rHZI81To9%2Bg%2FOZOnrVvk23e%2B%2F8%2BVZPG%2BzBnzX7BqWM1yiYZ0xLGYvxOst%2FkvxVXDy5QrMxkZPap4i8z8a0zwHgn%2FICUSlSzgwm6lcUyT2Gg%3D; expires=Mon, 10-Oct-2022 17:22:56 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTcvdqxvpzolkWJJeUKGnXzUZKxvFBCNS2nppK74vgXEicuxrdPcqI1LBbRwcriu2uaEQNUu6QhtuwqhjXGzFGu8ZINeBKP9bIwe7dZSZ3I6K7%2BwPkFV9u6hzIoDDN3GYN0%2FHiWjRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69bf89186dc44e80-FRA
content-encoding
br

Redirect headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/plain
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/improve/825265f7-2986-4d95-8b7b-f2418a4d1b16&partner_id=1010
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame 4026 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
pixel.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://csync.smilewanted.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxp8CPrzPAh1r4P5OmjjR8TyZL2OieOkSHO3tj2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GKFAIiqgWpDr9WOsX4JPWMcjCRbro=; khaos=KUL5ELKZ-Z-HOQ6; audit=1|hLZGFuTafB0ah313K/aWGeMH05QULE/jV/G9Z/GRzTwqxomP/o7qYuxPefmE2tIOdsI1AHJSBLFuAMeMVbPMxSYbB5SW5XQ3aoq6YbuNx6I=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Expires
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0BDA 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=30566F1E-48BA-433B-B0A0-85BC34C2DA9D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=140148
expires
Tue, 12 Oct 2021 02:29:32 GMT
date
Sun, 10 Oct 2021 11:33:44 GMT
vary
Accept-Encoding
YWLPlCstr60WuSevT2FqlAAA%261120
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame C254
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YWLPlCstr60WuSevT2FqlAAA%261120
0
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YWLPlCstr60WuSevT2FqlAAA%261120
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/indexexchange/YWLPlCstr60WuSevT2FqlAAA%261120
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
cookie
sw_user_params_infos=PMSRcU4BY%2Bu7h0B1MxGtou8HeQejShMwfvUYjFIGx%2B8hv4yrd3k1CpQQpAnlCrkRXbe%2FniiUH7A%2BewDhTZGg7GsgYeCkyhCdimc9xOzQE%2FXagdVYrnJi5xbMFCNIb6FCrMj9TkqxGaY2%2BgTNHolGa5Tf0DelgIIAko0NJFOMbBDcmh1huGzcMQW%2FG5hya74jOJDoDKrcE62lIuV48JeAllHLKXmkzJbcpYQr%2FGw1eOMYVdBGSZ5EJFT%2FbbGPrsi5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=YkDNv5aW7jeVjODrTkgoV%2BPPRKiWV9DdaFNRbtfVVtsoI%2BbeY4TDcQQI3MPHzHT4sTlMWxxSlHGbOigK9wt8kYjiQcXrJEzQkyYmVb3Ix4e8GJaQuSxhwFMH%2B5Wc%2B%2FIWS8Jokhghn8I5IZ2hrsmDbu2BEO2X6z5s3H%2FxnoLCy58VLmf0%2BaHIMecEXCif7a7epDlbUFapouEtxasHQB3JZD7cp%2Ftm3WMyUZz7bCQWbe1fboVwU5xjOQA%2FiopeOdBuvrZyMDFrRNPu0yJ2l9Oef1Hi4O%2By8bDsnUjKHludgUVcy2sGdcuWGcRJ5Re1sVvtfVEb%2B0z4Fvub9Pt9Mh113Qn%2FICUSlSzgwm6lcUyT2Gg%3D; expires=Mon, 10-Oct-2022 17:22:56 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMV%2Fj5AIIg0GWf0bS08aM8GWD67AY7Sif1DcC4efuIwiubQYZGtVA1l%2FFPSAwtJUDkl41DPrhkKqGJs%2BITnE6ivQZHvvI%2B%2FvMESQRHIpHVKlSAs%2FBBHyuEwAENBUbyOZ81zypHNC0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69bf89194fc14e80-FRA
content-encoding
br

Redirect headers

Server
Apache
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YWLPlCstr60WuSevT2FqlAAA%261120
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 10 Oct 2021 11:33:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:44 GMT
Connection
keep-alive
Set-Cookie
CMID=YWLPlCstr60WuSevT2FqlAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 10 Oct 2022 11:33:44 GMT CMPS=5193;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 08 Jan 2022 11:33:44 GMT CMPRO=1120;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 08 Jan 2022 11:33:44 GMT CMST=YWLPlGFiz5gA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 11 Oct 2021 11:33:44 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0BDA 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19005850&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5253cd73342f8a3fa126b97592c21a26269e6850e1d89b35306762ab532dfe6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 4773 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=30566F1E-48BA-433B-B0A0-85BC34C2DA9D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=30566F1E-48BA-433B-B0A0-85BC34C2DA9D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1; uid=5208185477574498488
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5208185477574498488; expires=Thu, 09 Dec 2021 11:33:44 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 8D97
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5855219308441562158
42 B
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5855219308441562158
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5855219308441562158
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=30566F1E-48BA-433B-B0A0-85BC34C2DA9D; chkChromeAb67Sec=1; DPSync3=1635033600%3A219_201_197%7C1633910400%3A174; SyncRTB3=1635033600%3A8_220_13_54_7_3_21_161_56%7C1635120000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 10 Oct 2021 11:33:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-5855219308441562158; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 09-Nov-2021 11:33:43 GMT; path=/ PugT=1633865623; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 09-Nov-2021 11:33:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 08-Jan-2022 11:33:43 GMT; path=/
x-lat
amspug010:0:488
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5855219308441562158
set-cookie
guid=1.5855219308441562158; Max-Age=31104000; Path=/; Domain=.de17a.com;
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame BFC9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=30566F1E-48BA-433B-B0A0-85BC34C2DA9D; chkChromeAb67Sec=1; DPSync3=1635033600%3A219_201_197%7C1633910400%3A174; SyncRTB3=1635033600%3A8_220_13_54_7_3_21_161_56%7C1635120000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 08-Jan-2022 11:33:44 GMT; path=/
x-lat
lhrpug001:0:480
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Sun, 10 Oct 2021 11:33:43 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Sun, 10 Oct 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2310979
30566F1E-48BA-433B-B0A0-85BC34C2DA9D
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 5285 		0
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/30566F1E-48BA-433B-B0A0-85BC34C2DA9D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/pubmatic/30566F1E-48BA-433B-B0A0-85BC34C2DA9D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
sw_user_params_infos=PMSRcU4BY%2Bu7h0B1MxGtou8HeQejShMwfvUYjFIGx%2B8hv4yrd3k1CpQQpAnlCrkRXbe%2FniiUH7A%2BewDhTZGg7GsgYeCkyhCdimc9xOzQE%2FXagdVYrnJi5xbMFCNIb6FCrMj9TkqxGaY2%2BgTNHolGa5Tf0DelgIIAko0NJFOMbBDcmh1huGzcMQW%2FG5hya74jOJDoDKrcE62lIuV48JeAllHLKXmkzJbcpYQr%2FGw1eOMYVdBGSZ5EJFT%2FbbGPrsi5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=saV%2BXbglT0JqwYc1oR7wahcvNM%2BZD8CiOwowxn0wZMVerwmL%2FfX8OJE5xeOifUaXCvVYKB%2BG4VijN7RYmSpbNRnlTU94rEtimCPqozTGOHn73ltC4sSBoPp0PJMV23jWszuMuHEPAkoYQ2Pzgdu%2BdWhf%2FwFHGzno4gM1h8ZsMBwbAEdAyMNZym40pwTiiNsRBPkxSv2AKC1sXkCo7ppw4MoXIHwWViCczjq2qBxpWYgs0M%2BBo9hNoWOi4yG9%2Fl%2F5mpEEWBSEGQfZQ5c1BD%2FUTtqdBMiNW7sm%2FnG8LIV342myIOHGPHty%2BtTGK1We7B9dCf8gJRKVLODCbqVxTJPYaA%3D%3D; expires=Mon, 10-Oct-2022 17:22:56 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FU2GptI%2FgiYI1IwCNTDbwUD8z4n0aiwpE57aaoAaXa4ju9rv2ysGm6xmjiFxOWPZvDgLTs0idAeIumtkkV0Y6TXJgjOKOEAagJPzNxVVE9DrJh8UkqGvW%2Fj74nuHm7a3gLcNeXi9aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69bf89195fde4e80-FRA
content-encoding
br
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0BDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MFZvHki6QzuwoIW8NMLanQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=140148
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 12 Oct 2021 02:29:32 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 0BDA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=745a6162-cf94-4200-bee9-52925d1cd6b2
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=745a6162-cf94-4200-bee9-52925d1cd6b2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 10 Oct 2021 11:33:44 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=745a6162-cf94-4200-bee9-52925d1cd6b2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 10 Oct 2021 11:33:43 GMT
/
pixel.onaudience.com/ Frame 0BDA
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=30566F1E-48BA-433B-B0A0-85BC34C2DA9D
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=945e8c90b06b3af207a14c9998e02303
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=945e8c90b06b3af207a14c9998e02303
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.210.112.63 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-3.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sun, 10 Oct 2021 11:33:44 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=945e8c90b06b3af207a14c9998e02303
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 0BDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzA1NjZGMUUtNDhCQS00MzNCLUIwQTAtODVCQzM0QzJEQTlE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:437
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0BDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBAvLxLRl9CFqDQD7bgSous&google_cver=1
42 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBAvLxLRl9CFqDQD7bgSous&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:426
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBAvLxLRl9CFqDQD7bgSous&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0BDA 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 09 Oct 2021 11:33:44 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0BDA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=05afd6ca-3150-47b9-8008-abca41f63c5c
42 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=05afd6ca-3150-47b9-8008-abca41f63c5c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:661
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=05afd6ca-3150-47b9-8008-abca41f63c5c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 0BDA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5208185477574498488
42 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5208185477574498488
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:449
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5208185477574498488
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 0BDA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:745a6162-cf94-4200-bee9-52925d1cd6b2&gdpr=0&gdpr_consent=
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:745a6162-cf94-4200-bee9-52925d1cd6b2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:429
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 10 Oct 2021 11:33:44 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:745a6162-cf94-4200-bee9-52925d1cd6b2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 10 Oct 2021 11:33:43 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0BDA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=941953886362793386&gdpr=0&gdpr_consent=
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=941953886362793386&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:409
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:44 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
77ed2406-6255-4954-972e-c9824d509105
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=941953886362793386&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0BDA
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Zqqy1zP9vd19qLHSZ_2p0Gb55dd9qLTQZ6Kmok7v
42 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Zqqy1zP9vd19qLHSZ_2p0Gb55dd9qLTQZ6Kmok7v
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:33:43 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:393
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Zqqy1zP9vd19qLHSZ_2p0Gb55dd9qLTQZ6Kmok7v
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ed2cccde-29bd-11ec-99dc-1708f5200206
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame C7DF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=ed2ccd16-29bd-11ec-99dc-1708f5200206
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/ed2cccde-29bd-11ec-99dc-1708f5200206
0
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/ed2cccde-29bd-11ec-99dc-1708f5200206
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/spotx/ed2cccde-29bd-11ec-99dc-1708f5200206
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
cookie
sw_user_params_infos=saV%2BXbglT0JqwYc1oR7wahcvNM%2BZD8CiOwowxn0wZMVerwmL%2FfX8OJE5xeOifUaXCvVYKB%2BG4VijN7RYmSpbNRnlTU94rEtimCPqozTGOHn73ltC4sSBoPp0PJMV23jWszuMuHEPAkoYQ2Pzgdu%2BdWhf%2FwFHGzno4gM1h8ZsMBwbAEdAyMNZym40pwTiiNsRBPkxSv2AKC1sXkCo7ppw4MoXIHwWViCczjq2qBxpWYgs0M%2BBo9hNoWOi4yG9%2Fl%2F5mpEEWBSEGQfZQ5c1BD%2FUTtqdBMiNW7sm%2FnG8LIV342myIOHGPHty%2BtTGK1We7B9dCf8gJRKVLODCbqVxTJPYaA%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=Xf0fMdDxsfHPgh%2FCHcUNunCz3tRLMSi4NJtm6LH5YZA2rj6%2FssST%2FruEtxcUly5EI7vvH4EtHjD0Xc2NvUmEHFXUFHJ1S3ALt3q1Qi%2FVLXw7%2FK8v0BARd8bCQpcjPBE1oCLiT3XKQHE9ToEQ1OVkOk3Pplou0aVam%2FinD%2B39BmvJmwMQOgWRb4imB%2FMN%2BB3gJoxRkBB6%2BKQ2XGTi5ITiWHPgGDWp5uO7LNcavzfU9lNIT1r3olA9qSAys06z2LFo38Hf%2FxmpJJvTInAyrSsKqB6nQ7qCWezihJmELPQuMaTtO%2FYlxbqkne0K2ULPid4M%2FQx0SvL%2BTDomrsXUqtmlB5%2FXTqxIeO4EgHQ2LmkeWHTeHOX%2Fwjfj%2F4PJoJyqcnv0; expires=Mon, 10-Oct-2022 17:22:56 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beId%2BBv90R51Cv%2Fd62ib1NJdO9ZdpfS3SVGJDVWUBijI2cmnMMoqTxRfjZR4sm7Y6LY0AOw%2FdZPF2fSXOK2rY4HMFfey5c%2FZDym35%2BlfnhyJlBCXx%2FNWN09WtZxjhK2t6z9pLrb1HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69bf891a39c34e80-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Sun, 10 Oct 2021 11:33:44 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=ed2cccde-29bd-11ec-99dc-1708f5200206; expires=Mon, 10-Oct-2022 12:40:24 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/ed2cccde-29bd-11ec-99dc-1708f5200206
X-fe
70
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
activeview
pagead2.googlesyndication.com/pcs/ Frame 641A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFkcWw82mwgc7zt8empDhK8Q4PFeCbwJKCUWrchp32pZFHR-C8aC7b6Rf9Rk7m9P2Tl2OFR4Vsg2P5o4lCzPTagQDth4L4k7GSvwCzqINQxzG_qeCe6w&sai=AMfl-YSj_d6ebU7E3sr1ueyAvYnRiyNIvlEdAoRfNtGWN5C9giawP4BfMcnsIxzsxMEiem6YXIjy80frRYHJFfg4YkOrp8Z_HkGGASpkPAqRi5EDMzQ6fSppsByVAvk&sig=Cg0ArKJSzOoeoksm2yCYEAE&cid=CAASEuRoJr2zsVUUpzt6t9Wy8M3bjQ&id=lidar2&mcvt=1012&p=0,0,250,800&asp=244,450,494,1250&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20211006&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=389164278&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633865623088&rpt=477&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 11:33:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 48B8
Redirect Chain
  • https://b1h.zemanta.com/usersync/prebidtest?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/outbrain/?gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
cookie
sw_user_params_infos=bdsp0uZYpREJYBfdy5yjHYaeXUuTHx%2FxjPeoaeDVZ7TiAotJWYR%2F%2FmIe11rdAIQ01PtIjGdj3KrfF3gG42gjVe2O6BgUug9Xs4TOYaQ7DpdhibZBkWr3uQr7rJLfi0UAxbIMFe8SJDTqUCz%2BxF64hFSRsDZ37zww708djx2WzpNQNKVdvyD7xnxgi9q1I6T7NSK7pv95R75hHZQ8qzjzPOuxwOMxTuZjUyY%2Fjm65jxEi3oHOObHj%2F%2FPiAPJ5IpSbso6UE%2F08JT44aTuvuNezdARQc3u7lTFU2FXV%2BxwW3g0ZmkJJGg8DNqu%2FRbplMPdvKhzaqa4f1TVZYlR%2BSzJG%2FNJXKKRU3pov7Hu05yuIYP4FLcZ2c4spCuf%2FMqO0vTqGQqIS5aGl0OEUHio39oBcbg%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/

Response headers

date
Sun, 10 Oct 2021 11:33:45 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wxGawOJEOfYPGSrt3NIwPnHEudtEk305tsvPmSZEy%2BlgDQu%2F3E8YGgRx2A2j%2Fjni8kDIHUR6kht6V9Ga45vh%2BtYJN5Ueko3tDo%2FdpI%2B9PW3fQ7xGS0GOmsKMHGXLi4b7jGee1YkLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69bf891d0f174e80-FRA
content-encoding
br

Redirect headers

Content-Type
text/html; charset=utf-8
Content-Length
92
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:45 GMT
941953886362793386
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 60F4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/941953886362793386
0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/941953886362793386
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/appnexus/941953886362793386
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
cookie
sw_user_params_infos=saV%2BXbglT0JqwYc1oR7wahcvNM%2BZD8CiOwowxn0wZMVerwmL%2FfX8OJE5xeOifUaXCvVYKB%2BG4VijN7RYmSpbNRnlTU94rEtimCPqozTGOHn73ltC4sSBoPp0PJMV23jWszuMuHEPAkoYQ2Pzgdu%2BdWhf%2FwFHGzno4gM1h8ZsMBwbAEdAyMNZym40pwTiiNsRBPkxSv2AKC1sXkCo7ppw4MoXIHwWViCczjq2qBxpWYgs0M%2BBo9hNoWOi4yG9%2Fl%2F5mpEEWBSEGQfZQ5c1BD%2FUTtqdBMiNW7sm%2FnG8LIV342myIOHGPHty%2BtTGK1We7B9dCf8gJRKVLODCbqVxTJPYaA%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=O3WlL9pqbDH1JYUvfwANHfFxr8iltz9zqIFtlZ5j6cBuyoZq4GXUPvPn760pYsrvm%2Fyxs566myuS1pUXsi53WtL3CagCNr9zGH%2FfTBzi945q6%2FvCrreSyLZCRopOIbB%2FjsZ8deV7p7btrbV%2BNovllQ6i8kbT3%2B4gUHbg%2FCPE1yH3KIuGnh5FToKruKeRt%2B1tb3O%2Fqf1gjlOyfn4R521MDSsVEky0HxjZ2rReM9o23tiy0qPeU9mhsral8H918pGiZykS6sVuTfG2Tmol0FAwZijCY2qxt0K391Ul%2Boj68fwdJjSIv77VwEhx%2FmcvEu5abX8FaP%2FXRUMJeHCbSawN9%2BVMrrOsvzo7bYUS%2FOXsujYJ%2FyAlEpUs4MJupXFMk9ho; expires=Mon, 10-Oct-2022 17:22:56 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4zPkfGieMhzAN7nIVCu0mVBtIaL21Mv3%2FgvOXpRfMJiiDYbEzB80KkNNKMiw0k139vnHKMvX6BxJtPn1CN%2BbWIdnygobiRVxMl19BLytRX6K8Io1pv2qJh9aqDw616NjGOqkPX2mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69bf891a39cb4e80-FRA
content-encoding
br

Redirect headers

Server
nginx/1.17.9
Date
Sun, 10 Oct 2021 11:33:44 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/941953886362793386
AN-X-Request-Uuid
0f7be691-9b82-4f0d-b0d3-d9fefd941348
Set-Cookie
uuid2=941953886362793386; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Jan-2022 11:33:44 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
06cf2204035bc208c2e5720d&gdpr=0&gdprConsent=
csync.smilewanted.com/set_partner_userid_get/adotmob/ Frame E15F
Redirect Chain
  • https://sync.adotmob.com/cookie/smilewanted?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadotmob%2F{amob_user_id}&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/adotmob/06cf2204035bc208c2e5720d&gdpr=0&gdprConsent=
0
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adotmob/06cf2204035bc208c2e5720d&gdpr=0&gdprConsent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/adotmob/06cf2204035bc208c2e5720d&gdpr=0&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
cookie
sw_user_params_infos=O3WlL9pqbDH1JYUvfwANHfFxr8iltz9zqIFtlZ5j6cBuyoZq4GXUPvPn760pYsrvm%2Fyxs566myuS1pUXsi53WtL3CagCNr9zGH%2FfTBzi945q6%2FvCrreSyLZCRopOIbB%2FjsZ8deV7p7btrbV%2BNovllQ6i8kbT3%2B4gUHbg%2FCPE1yH3KIuGnh5FToKruKeRt%2B1tb3O%2Fqf1gjlOyfn4R521MDSsVEky0HxjZ2rReM9o23tiy0qPeU9mhsral8H918pGiZykS6sVuTfG2Tmol0FAwZijCY2qxt0K391Ul%2Boj68fwdJjSIv77VwEhx%2FmcvEu5abX8FaP%2FXRUMJeHCbSawN9%2BVMrrOsvzo7bYUS%2FOXsujYJ%2FyAlEpUs4MJupXFMk9ho
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=bdsp0uZYpREJYBfdy5yjHYaeXUuTHx%2FxjPeoaeDVZ7TiAotJWYR%2F%2FmIe11rdAIQ01PtIjGdj3KrfF3gG42gjVe2O6BgUug9Xs4TOYaQ7DpdhibZBkWr3uQr7rJLfi0UAxbIMFe8SJDTqUCz%2BxF64hFSRsDZ37zww708djx2WzpNQNKVdvyD7xnxgi9q1I6T7NSK7pv95R75hHZQ8qzjzPOuxwOMxTuZjUyY%2Fjm65jxEi3oHOObHj%2F%2FPiAPJ5IpSbso6UE%2F08JT44aTuvuNezdARQc3u7lTFU2FXV%2BxwW3g0ZmkJJGg8DNqu%2FRbplMPdvKhzaqa4f1TVZYlR%2BSzJG%2FNJXKKRU3pov7Hu05yuIYP4FLcZ2c4spCuf%2FMqO0vTqGQqIS5aGl0OEUHio39oBcbg%3D%3D; expires=Mon, 10-Oct-2022 17:22:56 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4VoAs4%2BI7dkS7n4yC0MKa64njRGH4v8UwPAnetatczijuxgym3Jm7BvrlVTOdMVgU%2Fkhz%2BP3Mm%2FbrWEw4zYkwfRoOiLpclayAlA32VfkQ33bINisuGy4f5EOL5gb5XF7uUeK8aTMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69bf891bfd204e80-FRA
content-encoding
br

Redirect headers

X-Powered-By
Express
Vary
Origin
Access-Control-Allow-Credentials
true
Set-Cookie
uid=06cf2204035bc208c2e5720d; Domain=.adotmob.com; Path=/; Expires=Wed, 09 Nov 2022 11:33:44 GMT; Secure; SameSite=None uuid=06cf2204035bc208c2e5720d; Domain=.adotmob.com; Path=/; Expires=Wed, 09 Nov 2022 11:33:44 GMT; Secure; SameSite=None partners=SMW%3A1633865624760; Domain=.adotmob.com; Path=/; Expires=Wed, 09 Nov 2022 11:33:44 GMT; Secure; SameSite=None
Location
https://csync.smilewanted.com/set_partner_userid_get/adotmob/06cf2204035bc208c2e5720d&gdpr=0&gdprConsent=
Date
Sun, 10 Oct 2021 11:33:44 GMT
Content-Length
0
meta
api.assertcom.de/ 		0
270 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/meta
Requested by
Host: ubn3k2x9bfd2yw3n3.ay.delivery
URL: https://ubn3k2x9bfd2yw3n3.ay.delivery/client-v2.3.0-to-que-start.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.62.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.62.201.195.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.logicuser.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 10 Oct 2021 11:33:44 GMT
server
nginx/1.16.1
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, private, no-transform
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
async_usersync
ib.adnxs.com/ Frame A66F 		0
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Oct 2021 11:33:45 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4bd52cc0-9042-4c8f-80c3-e720ce2ff6cc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect boolean| originAgentCluster object| ADNPM object| googletag object| ADNPMVARS object| NpAdDiagnoseArray number| w object| pbjsnp string| myPropertyId object| clientSettings object| e object| s object| npm_cmp_vendor object| npUrlParams object| urban object| geb function| mpfContainr object| nps object| assertive object| apstag string| npDevice object| t object| t2 object| confiant object| CONTAINR_LOGS object| CONTAINR_TAGR_CALLS object| pCache boolean| isConsentCheckDone string| cmpApiVersion object| rubicontag boolean| apstagLOADED function| pbjsnpChunk object| _pbjsGlobals object| ADAGIO object| Criteo object| sas object| apntag object| _ADAGIO object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113 object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| tg object| r object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal number| NpAdDiagnoseStart number| NpAdDiagnoseStartN object| ONFOCUS object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

74 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQ2tTrz8YvCgoI4gEQ2tTrz8YvCgoI5gEQ2tTrz8YvCgoIhwIQ2tTrz8YvCgkICRDa1OvPxi8KCQg6ENrU68_GLwoJCAsQ2tTrz8YvCgoIjAIQ2tTrz8YvCgoIzgEQ2tTrz8YvCgkIXxDa1OvPxi8=
.yieldlab.net/ Name: id
Value: 0138d637-c414-42cf-8e02-44e44510e10c
.casalemedia.com/ Name: CMPS
Value: 5193
.casalemedia.com/ Name: CMID
Value: YWLPlCstr60WuSevT2FqlAAA
.adnxs.com/ Name: uuid2
Value: 941953886362793386
.mathtag.com/ Name: uuid
Value: 745a6162-cf94-4200-bee9-52925d1cd6b2
.casalemedia.com/ Name: CMPRO
Value: 1120
www.logicuser.de/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ5aWVsZGxhYiI6eyJ1aWQiOiIwMTM4ZDYzNy1jNDE0LTQyY2YtOGUwMi00NGU0NDUxMGUxMGMiLCJleHBpcmVzIjoiMjAyMi0wMS0wOFQxMTozMzo0MFoifX0sImJpcnRoZGF5IjoiMjAyMS0xMC0xMFQxMTozMzo0MFoifQ==
.adsrvr.org/ Name: TDID
Value: 05afd6ca-3150-47b9-8008-abca41f63c5c
.doubleclick.net/ Name: IDE
Value: AHWqTUnJx8Svu4aFQV4gk0Y4pU-5oWAwvkNOjJ8I6kFwMoqvOIhwl7OZOByZMW4cwKI
.bidswitch.net/ Name: tuuid
Value: fe7d4fa3-e849-48c5-b39d-c7d63d9f370b
.bidswitch.net/ Name: c
Value: 1633865620
.bidswitch.net/ Name: tuuid_lu
Value: 1633865620
.openx.net/ Name: i
Value: 5f259d36-1d0f-0b18-1e77-543977431323|1633865620
.rubiconproject.com/ Name: rsid
Value: 1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxp8CPrzPAh1r4P5OmjjR8TyZL2OieOkSHO3tj2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GKFAIiqgWpDr9WOsX4JPWMcjCRbro=
.rubiconproject.com/ Name: khaos
Value: KUL5ELKZ-Z-HOQ6
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0ah313K/aWGeMH05QULE/jV/G9Z/GRzTwqxomP/o7qYuxPefmE2tIOdsI1AHJSBLFuAMeMVbPMxSYbB5SW5XQ3aoq6YbuNx6I=
.scoota.co/ Name: tuuid
Value: 92e9b22c-4eec-451b-bd9c-5eaff86a7efc
.scoota.co/ Name: c
Value: 1633865621
.scoota.co/ Name: tuuid_lu
Value: 1633865621
.criteo.com/ Name: uid
Value: c9a2aad4-fb1f-4a9c-9c07-da23dc9798c4
.logicuser.de/ Name: cto_bundle
Value: iBRtBV84bU95VHZDUm54Y0hqamRUeVcwRE81dUNOQyUyRnBOaFVzM29HeW92dFZISGRabWJIaGp6VFZreUdBUUhrcFclMkZGTU1pcnpkbzB6cElraGdDZWNlb0xYOThhZGtFenRDeVhud0pxSGRTS1clMkZFaFNsT2FGRTFIb2JEdDg3ekVQdVNMUjYzNEZpUzhDSVJqWVJPZkxGQ2hQJTJCQSUzRCUzRA
.logicuser.de/ Name: __gads
Value: ID=493ce0a8f666390f:T=1633865622:S=ALNI_MZqqqlTfCoFaY17Lh5CV-Vlzdqn8w
.adfarm1.adition.com/ Name: UserID1
Value: 7017399416855132301
.simpli.fi/ Name: suid
Value: F02507DB263F42229A810C6A14CF4B09
.casalemedia.com/ Name: CMRUM3
Value: 2d6162cf972760CAESECCFtPuf_v2xgfUfbVQ9w8c
.de17a.com/ Name: guid2
Value: 1.5855219308441562158
.m6r.eu/ Name: test
Value: true
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 30566F1E-48BA-433B-B0A0-85BC34C2DA9D
.adnxs.com/ Name: anj
Value: dTM7k!M4/QCxrEQF']wIg2GTtmrD+`!]td08i_iqf!oN/@E'zz<*Z0Q3GzNhpFU$DHbjJ!-x91lHatA8N<Fk%tAQ[k/X%W#.wLO'6/70Aa8[pJRDj(TR9UP2=fof@=tT:fJAlF#R0'hk?KFm^'4U5I'Ccrq8pKiK@'s>TJ2c@/
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YWLPlwAIBq1EXAAT
.m6r.eu/ Name: cct
Value: 1633865623650
.m6r.eu/ Name: id
Value: b41bb1f60842a61e0bebaf1102236c0d
www.logicuser.de/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2205afd6ca-3150-47b9-8008-abca41f63c5c%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-09-10T11%3A33%3A44%22%7D
.openx.net/ Name: pd
Value: v2|1633865624|gekin0vNiygu
.3lift.com/ Name: tluid
Value: 10707733885485426918
eus.rubiconproject.com/ Name: pux
Value: 1512%3D103211%262249%3D103211%262307%3D103211%263778%3D103211%262249-DV360-Hosted%3D103211%26idl%3D103211%26goog%3D103211%26brx%3D103211%26
www.logicuser.de/ Name: cto_bundle
Value: _0XKo19aZ2FOYlJocFBOaWNoZSUyRmRhJTJGWSUyQlRpVXJiMjUwSVA2UEZJd3N2aFczR29LNEprQk5YbVhxYm5ralFJNk1SJTJCaG5NT1cyNkpBdHlyMnZQZFRRRjhjRkFxV0p0OWNORnVVc2lHNDdJU2RSTFZucDB5TWVHR0d4MUlZSDFMSiUyQmRLeGdrZyUyRkVKakJrNTRYWTBtbnYwOTU2Q0ElM0QlM0Q
www.logicuser.de/ Name: cto_bidid
Value: SwqvH19ZTUJqQzBhYWVrQzFjS2ZUSHhIU2F6WjFiMzdYVlU4YURpWkJUS0lnOW1qNHducG5mTUhqOG5RbDJOeXJFeG1pWXhRU2owcUk2dWRVUDFOWU40WSUyQnBBSjdnT0Y4cEdSZEg5dXZVNFl4VkdJJTNE
.quantserve.com/ Name: mc
Value: 6162cf98-3577f-56ba2-30579
.bing.com/ Name: MUID
Value: 0C1B272E53ED6020233237E2528661FD
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5208185477574498488
.turn.com/ Name: uid
Value: 8879911698156568978
.mathtag.com/ Name: mt_mop
Value: 9:1633865624
.360yield.com/ Name: tuuid
Value: 825265f7-2986-4d95-8b7b-f2418a4d1b16
.360yield.com/ Name: tuuid_lu
Value: 1633865624
.yahoo.com/ Name: A3
Value: d=AQABBJTPYmECEIeaLDDIl9TpKsgIFCpT4QsFEgEBAQEhZGFsYQAAAAAA_eMAAA&S=AQAAAvzAXzCpz1dlMhcaei-iMeE
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16930%3b%24o%3d11100
.smartadserver.com/ Name: pid
Value: 440152998966965591
.smartadserver.com/ Name: pdomid
Value: 20
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMST
Value: YWLPlGFiz5gA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1635033600%3A219_201_197%7C1633910400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1635033600%3A8_220_13_54_7_3_21_161_56%7C1635120000%3A35
.quantserve.com/ Name: d
Value: EMQBEQG5JPijCJiTAA
.smilewanted.com/ Name: sw_user_params_infos
Value: saV%2BXbglT0JqwYc1oR7wahcvNM%2BZD8CiOwowxn0wZMVerwmL%2FfX8OJE5xeOifUaXCvVYKB%2BG4VijN7RYmSpbNRnlTU94rEtimCPqozTGOHn73ltC4sSBoPp0PJMV23jWszuMuHEPAkoYQ2Pzgdu%2BdWhf%2FwFHGzno4gM1h8ZsMBwbAEdAyMNZym40pwTiiNsRBPkxSv2AKC1sXkCo7ppw4MoXIHwWViCczjq2qBxpWYgs0M%2BBo9hNoWOi4yG9%2Fl%2F5mpEEWBSEGQfZQ5c1BD%2FUTtqdBMiNW7sm%2FnG8LIV342myIOHGPHty%2BtTGK1We7B9dCf8gJRKVLODCbqVxTJPYaA%3D%3D
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjIjL6Z-_qFOhAFGAEgASgCMgsIyITBxpH7hToQBTgBWghwdWJtYXRpY2AC
.onaudience.com/ Name: cookie
Value: 51a2eaec5b3887e0
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-Zqqy1zP9vd19qLHSZ_2p0Gb55dd9qLTQZ6Kmok7v&KRTB&22979-Zqqy1zP9vd19qLHSZ_2p0Gb55dd9qLTQZ6Kmok7v
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-941953886362793386
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBAvLxLRl9CFqDQD7bgSous&KRTB&16514-CAESEBAvLxLRl9CFqDQD7bgSous&KRTB&23025-CAESEBAvLxLRl9CFqDQD7bgSous
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5855219308441562158
.pubmatic.com/ Name: SPugT
Value: 1633865624
.spotxchange.com/ Name: audience
Value: ed2cccde-29bd-11ec-99dc-1708f5200206
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5208185477574498488&KRTB&23263-5208185477574498488
.pubmatic.com/ Name: PugT
Value: 1633865624
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:745a6162-cf94-4200-bee9-52925d1cd6b2&KRTB&16736-uid:745a6162-cf94-4200-bee9-52925d1cd6b2&KRTB&23019-uid:745a6162-cf94-4200-bee9-52925d1cd6b2&KRTB&23114-uid:745a6162-cf94-4200-bee9-52925d1cd6b2
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-05afd6ca-3150-47b9-8008-abca41f63c5c&KRTB&22918-05afd6ca-3150-47b9-8008-abca41f63c5c&KRTB&23031-05afd6ca-3150-47b9-8008-abca41f63c5c

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

43da718ac353b037a0d216a6b05bbd53.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ad.yieldlab.net
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
api.assertcom.de
b1h.zemanta.com
b1sync.zemanta.com
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.jsdelivr.net
cdn.mookie1.com
cdn.netpoint-media.de
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
csync.smilewanted.com
d.nativendo.de
d5p.de17a.com
de-gmtdmp.mookie1.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
loada.exelator.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
netpoint-d.openx.net
orbidder.otto.de
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.smilewanted.com
px.ads.linkedin.com
r.scoota.co
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.adotmob.com
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tracking.m6r.eu
ubn3k2x9bfd2yw3n3.ay.delivery
um.simpli.fi
us-u.openx.net
www.google.com
www.googletagservices.com
www.logicuser.de
x.bidswitch.net
104.111.218.85
104.111.237.122
104.17.120.107
104.26.6.39
107.178.241.34
142.250.184.226
142.250.185.194
142.250.186.66
151.101.129.108
151.101.129.194
151.101.194.49
159.253.128.183
178.250.0.157
178.250.2.131
178.250.2.151
18.185.163.58
18.194.4.47
18.66.109.174
185.183.112.148
185.243.11.13
185.29.134.244
185.33.221.13
185.33.221.89
185.64.189.110
185.64.189.115
185.64.190.80
185.64.190.81
185.86.139.89
185.94.180.125
195.201.62.39
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
209.54.176.128
213.155.156.165
23.37.42.132
2602:803:c004:200::141
2606:4700:20::681a:8a9
2606:4700:3032::ac43:bb58
2606:4700::6810:5614
2606:4700::6812:272
2620:116:800d:21:51e4:db4b:4436:b305
2620:119:50e1:101::6cae:b25
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:2638:1::3
34.98.64.218
35.156.28.35
35.158.25.241
35.186.238.175
35.210.58.154
35.244.174.68
37.157.2.234
37.157.4.25
49.12.19.106
51.210.112.63
54.78.254.47
64.202.112.31
69.173.144.139
72.251.244.140
76.223.111.131
76.223.111.18
85.114.159.93
99.80.151.46
000826ce6c31c7dc061381f5856efa0df8df6cf2fdb42d92afb3e7aa26ce9a82
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
055166c77ec652ff324c8588682a93d6a54250c4be542d34ae04fe9f9bbfb78e
05a9e8eed14cc84d68ddd139202028c66846ab7a24cf09b118e57d660e3696be
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09e24db305e0abc781bff30e05a30a89995cb86758397a5d221841b564e95f5e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11bf4d2fb4821029fc1d70f7b6ad16fad1cb9ffe5cc584f30415cb5d7b9458d5
12087ec7fa6b3a057d6c25ea7e1ac0ec6a72834b4fbee73f75aad25eebc21ab9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0
17708b2d2ed2da5ae8c699fd63e2bfc7f33c4bd0783ed19cff67681f6308c045
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186eff04a22ac81157dc3283c95424151aec5cb3e5904d0c5d83512b0d17e4dc
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f
1f7dee4466968030ac9440c28cc7f70264acc45d264657bffb342fc4d1481825
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e
2a071c13498003831e9f49f719dbec84c9625bf8b3b0c3fd87953d6df991d353
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2decf1b37c685fe2d1c8da1c991e9ac4bcb1ade49d1c1a80a024cee86706c0e5
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
3029e2dd401c3602d5998ba48444bc0f537b9176531b1c555b05a47b8bf3eaea
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
368243f9de801101794edd911f8a83ef9d4e6b3ab8f5920807f8e170c201f145
36c99062b246eea15ea837a3d4a2c955658fc82db62afd98be86dcd23143b997
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df5d7bcc9ee85240a593d7a896b3546695fa0e7252c5f67fc920da24b60b381
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400bc6a241c7e9e94ea9bc086791b841d8c20300c4e063c6c341ae6524e7d26d
47a6959bed8cd9b0ea79e5e85a83eea9438088e47e0d50124543b4d22bbc75af
4b0d3aa2c625b6c3e854f34e6e8ba9f3b718118967a3550a93c8d0ef00b96746
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
5253cd73342f8a3fa126b97592c21a26269e6850e1d89b35306762ab532dfe6c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b7ef1686c5a58130ddbfc194cdcd5b4a6a3df84c57624ff120a23ceb4950399
60576232472f68d95df1af2c82ccb71bd4a30e26d6ce0202d3df5449d9a1727b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dec88754888373fd9c2d190e452dfb87737659e7fece633d8c40a83cce836c5
6ed6dc25c0545ce6ad509aec899a13cc81124c187c9905306a05652c266fdc85
70f0202c55a25cf7a6276abe13e7093a469771e969cf318def3049972b0d45c0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7570689d5883b7ce0062084863082383873bf5cfa91727203ca5c097541a12a6
78980c8127095caedd48a198e994209da673dcafcdad302adb313ec3e9aa9bd0
7a488b6eec146cd55817197d2524099ba4a7280fddcc9277418a7bb17ecd537a
7d7ddf617c63da9bd588428601e0f8ad67395a39a44c1f014577ac0f2bbb5f9c
7f5e3bcd9943d7b56fdf5a0ac0465744e18b9510544226fe87bc36e073ffecbf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83de99253f44b54cf3bf1ed5b373314a70e12c5626f1ca5a79b7b849684d431b
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed5d7bc9433786b99a466000314e39d63625b5c14af59433a61923d26ca24b2
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8563083b9355682acd59692a6a0a3819a2b819ecb275ac8c2a0fcdf4ee0188
9c89ebf8b923c3af7ab458913ebd36b3e3f40387de2d9314d9a170b2aa46e02a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a03f3d879c623a91bdf27d66841986aa8ceda1069a55936905bf1e6c3cd3d141
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a65eb0069f536acf11c0f5c8971e963ebad62a68838df624658da734d93611b8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aea684946e10ea6404391b2cbfb44b1052b59ffcc1e9f04c17ba6f0e38e62c0f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b688abbc7fa60694dfe3b4593d390a153c61f129c2dfbfd01645b6576dcb7262
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2ff493e3180acde0e65d9f87a4da7c47605c52d7c6184fa0ba428af23c5db0f
cb02fb31d9d1da73bbd0541a6b53a098a32ba9ec31e80a0ba8ea3e7d3d8ce480
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5ef730972a4f7322c727a471d59ac6fbc3f4ea030aece254f2e7a895c427325
d82844f37479fdc2e3dc9dfe01d09adb2d2996baae9faaa915ea7f5faf41cf28
d8ef291924d59c07e1575784fb7e85c73d25ee2b75af34eef04a43ac45164f31
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
dc0dfaa49f8c72aca5efb79418aa1010ddf64333c11c864416b8e2ba1522c7dc
df88a13d4a06cb7fa701e728f6ff4c8eb42310c83b28990e909a25f4a46040bf
e27e876d8365b74798cdc0dd9450cc2215664cb3551c66c1fcf6133ab9f92d54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5513be727e41720e81e635c058faefa34f0714561e025bdc19c8a3f2349e984
e61b3c8130d4175be823e3ffd547d878bec17f1a76d75ab67adac8865ab6465d
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009