lookbook.nu Open in urlscan Pro
2606:4700:3034::6815:48a4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lookbook.nu/user/9459338-Noel
Submission: On July 11 via manual (July 11th 2021, 9:41:05 pm UTC) from DE

Summary HTTP 151 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 56 IPs in 10 countries across 50 domains to perform 151 HTTP transactions. The main IP is 2606:4700:3034::6815:48a4, located in United States and belongs to CLOUDFLARENET, US. The main domain is lookbook.nu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 28th 2020. Valid for: a year.

This is the only time lookbook.nu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::6815:48a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:20:... 2606:4700:20::681a:12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2 4	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	13.224.103.105 13.224.103.105	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:f600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	13.224.99.14 13.224.99.14	16509 (AMAZON-02) (AMAZON-02)
5	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 8	52.95.124.165 52.95.124.165	16509 (AMAZON-02) (AMAZON-02)
1 5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 3	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
22	89.163.211.233 89.163.211.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	89.163.211.242 89.163.211.242	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 4	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
3 5	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
6 9	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
2 3	52.30.92.119 52.30.92.119	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1 1	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 8	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	185.29.132.69 185.29.132.69	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	54.236.227.29 54.236.227.29	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.21.104.248 52.21.104.248	14618 (AMAZON-AES) (AMAZON-AES)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
3 3	35.156.19.236 35.156.19.236	16509 (AMAZON-02) (AMAZON-02)
1 1	51.75.146.159 51.75.146.159	16276 (OVH) (OVH)
1 2	204.2.255.233 204.2.255.233	2914 (NTT-COMMU...) (NTT-COMMUNICATIONS-2914)
1 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 6	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4 6	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
1	2600:9000:215... 2600:9000:2156:fa00:c:6264:8240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	5.148.168.135 5.148.168.135	29691 (NINE) (NINE)
2 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	13.37.72.132 13.37.72.132	16509 (AMAZON-02) (AMAZON-02)
2	185.85.15.31 185.85.15.31	200107 (KL-EXT) (KL-EXT)
1	2600:9000:215... 2600:9000:2156:1c00:13:99a2:1280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.125.59.88 3.125.59.88	16509 (AMAZON-02) (AMAZON-02)
1	13.224.99.3 13.224.99.3	16509 (AMAZON-02) (AMAZON-02)
151	56

1 2606:4700:3034::6815:48a4 (United States)

ASN13335 (CLOUDFLARENET, US)

lookbook.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::681a:12 (United States)

ASN13335 (CLOUDFLARENET, US)

lbstatic.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:f600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.99.14 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-14.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.95.124.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.244 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 89.163.211.233 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

brain.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.163.211.242 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

cdn.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.236 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.248.242.197 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.164 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.92.119 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-92-119.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.69 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.227.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-227-29.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.104.248 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.19.236 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.159 (France) 1 redirects

ASN16276 (OVH, FR)

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.2.255.233 (United States) 1 redirects

ASN2914 (NTT-COMMUNICATIONS-2914, US)

pmp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

ad12.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.200.5.215 (Germany) 4 redirects

ASN31400 (ACCELERATED-IT, DE)

cct.connects.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tc.connects.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lacmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:fa00:c:6264:8240:93a1 (United States)

ASN16509 (AMAZON-02, US)

htlp.emp-online.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.148.168.135 (Zurich, Switzerland)

ASN29691 (NINE, CH)

www.adtracker.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.37.72.132 (Paris, France) 4 redirects

ASN16509 (AMAZON-02, US)

kaspersky.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.85.15.31 (Russian Federation)

ASN200107 (KL-EXT, RU)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1c00:13:99a2:1280:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.acfrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.147.170 (France)

ASN16276 (OVH, FR)

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.59.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

www.getback.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-3.zrh50.r.cloudfront.net

static.getback.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	rvty.net brain.rvty.net cdn.rvty.net	99 KB
19	pubmatic.com 1 redirects ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image4.pubmatic.com image2.pubmatic.com simage4.pubmatic.com	28 KB
16	lbstatic.nu lbstatic.nu	681 KB
15	doubleclick.net 6 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	122 KB
11	rubiconproject.com 5 redirects eus.rubiconproject.com token.rubiconproject.com pixel-eu.rubiconproject.com pixel.rubiconproject.com	16 KB
11	googlesyndication.com 4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	55 KB
11	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	40 KB
7	ad-srv.net 1 redirects ad.ad-srv.net ad12.ad-srv.net	15 KB
5	connects.ch 4 redirects cct.connects.ch tc.connects.ch	6 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads.yahoo.com	3 KB
5	adsrvr.org 3 redirects match.adsrvr.org	2 KB
5	openx.net 1 redirects u.openx.net us-u.openx.net eu-u.openx.net	1 KB
4	commander1.com 4 redirects kaspersky.commander1.com	4 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	google.com adservice.google.com www.google.com	1 KB
4	quantserve.com 2 redirects edge.quantserve.com pixel.quantserve.com	10 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	adnxs.com 3 redirects ib.adnxs.com	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	googletagservices.com www.googletagservices.com	88 KB
2	getback.ch www.getback.ch static.getback.ch	33 KB
2	kaspersky.com media.kaspersky.com	20 KB
2	awin1.com 2 redirects www.awin1.com	1 KB
2	adtracker.ch www.adtracker.ch	20 KB
2	mxptint.net 1 redirects pmp.mxptint.net	967 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	947 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	rlcdn.com idsync.rlcdn.com id.rlcdn.com	108 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	turn.com 2 redirects ad.turn.com	936 B
2	dotomi.com amazon-tam-match.dotomi.com pubmatic-match.dotomi.com	103 B
2	google.de adservice.google.de	975 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	69 KB
1	lacmp.net www.lacmp.net	3 KB
1	contentspread.net cdn.contentspread.net	3 KB
1	acfrg.com media.acfrg.com	13 KB
1	emp-online.ch htlp.emp-online.ch	3 KB
1	rqtrk.eu 1 redirects ws.rqtrk.eu	516 B
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	adentifi.com rtb.adentifi.com	88 B
1	simpli.fi um.simpli.fi	609 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	criteo.com dis.criteo.com	338 B
1	facebook.com www.facebook.com
1	quantcount.com rules.quantcount.com	438 B
1	googleapis.com ajax.googleapis.com	33 KB
1	lookbook.nu lookbook.nu	8 KB
151	50

	Domain	Requested by
22	brain.rvty.net	4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com cdn.rvty.net
16	lbstatic.nu	lookbook.nu lbstatic.nu
9	cm.g.doubleclick.net	6 redirects u.openx.net eus.rubiconproject.com
8	simage2.pubmatic.com	1 redirects ads.pubmatic.com
8	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com u.openx.net ads.pubmatic.com eus.rubiconproject.com
6	ad12.ad-srv.net	1 redirects brain.rvty.net ad12.ad-srv.net
5	image2.pubmatic.com	ads.pubmatic.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	match.adsrvr.org	3 redirects u.openx.net eus.rubiconproject.com
5	tpc.googlesyndication.com	4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net lookbook.nu
4	kaspersky.commander1.com	4 redirects
4	cct.connects.ch	4 redirects
4	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	sync-tm.everesttech.net	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
3	pixel.rubiconproject.com	eus.rubiconproject.com
3	x.bidswitch.net	3 redirects
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	ib.adnxs.com	3 redirects
3	pixel.quantserve.com	2 redirects lookbook.nu
3	sb.scorecardresearch.com	1 redirects lookbook.nu
3	c.amazon-adsystem.com	lookbook.nu c.amazon-adsystem.com
3	www.googletagservices.com	lookbook.nu securepubads.g.doubleclick.net 4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com
2	media.kaspersky.com	ad12.ad-srv.net
2	www.awin1.com	2 redirects
2	www.adtracker.ch	ad12.ad-srv.net
2	pmp.mxptint.net	1 redirects ads.pubmatic.com
2	pixel-sync.sitescout.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	sync.1rx.io	2 redirects
2	us-u.openx.net	u.openx.net
2	cdn.rvty.net	brain.rvty.net cdn.rvty.net
2	www.google.com	4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com tpc.googlesyndication.com
2	ad.turn.com	2 redirects
2	eus.rubiconproject.com	aax-eu.amazon-adsystem.com eus.rubiconproject.com
2	ads.pubmatic.com	aax-eu.amazon-adsystem.com ads.pubmatic.com
2	u.openx.net	1 redirects aax-eu.amazon-adsystem.com
2	4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google-analytics.com	lookbook.nu
2	connect.facebook.net	lookbook.nu connect.facebook.net
1	static.getback.ch	www.getback.ch
1	www.getback.ch	lookbook.nu
1	simage4.pubmatic.com	ads.pubmatic.com
1	www.lacmp.net	tc.connects.ch
1	tc.connects.ch	htlp.emp-online.ch
1	cdn.contentspread.net	ad12.ad-srv.net
1	media.acfrg.com	ad12.ad-srv.net
1	htlp.emp-online.ch	ad12.ad-srv.net
1	id.rlcdn.com	eus.rubiconproject.com
1	ads.yahoo.com	eus.rubiconproject.com
1	pixel-eu.rubiconproject.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	sync.ipredictive.com	1 redirects
1	rtb.adentifi.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	idsync.rlcdn.com	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	ad.ad-srv.net	brain.rvty.net
1	eu-u.openx.net	u.openx.net
1	image6.pubmatic.com	ads.pubmatic.com
1	amazon-tam-match.dotomi.com	aax-eu.amazon-adsystem.com
1	www.facebook.com	connect.facebook.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	edge.quantserve.com
1	edge.quantserve.com	lookbook.nu
1	ajax.googleapis.com	lookbook.nu
1	lookbook.nu
151	75

This site contains links to these domains. Also see Links.

Domain
pilotdiarystore.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-28` - `2021-11-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.rvty.net Sectigo RSA Domain Validation Secure Server CA	`2020-09-02` - `2021-10-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
ad-srv.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.mxptint.net Starfield Secure Certificate Authority - G2	`2020-07-21` - `2021-07-21`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-08` - `2021-08-25`	2 months	crt.sh
htlp.emp.de Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
adtracker.ch R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
media.kaspersky.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-23` - `2022-04-28`	a year	crt.sh
*.acfrg.com Amazon	`2021-01-14` - `2022-02-12`	a year	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
tc.connects.ch R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
www.lacmp.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.getback.ch Amazon	`2021-05-08` - `2022-06-06`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://lookbook.nu/user/9459338-Noel
Frame ID: 8A76BF110EF39928562EC0622A9A2FD9
Requests: 46 HTTP requests in this frame

Frame: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 929AE94107DD258AF0F24E0C1EB3C218
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_ox-db5_dm_cnv_n-amobee&dcc=t
Frame ID: 58A52749D583FC5BEE6C1863C6B6C3FB
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=ox-db5_dm_cnv_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1
Frame ID: C749BA7E456BDA86EE298EA41928E548
Requests: 1 HTTP requests in this frame

Frame: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EFD5B83D820DD0320B91C943E2E5D870
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 140002FE13F8B8C082A05228252D67ED
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=3741028058712879815&ex=districtm
Frame ID: 2F7ED3918B4D89B35F19E6F55E130E4C
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 1DB9369910DB1899C8CF2DC4A1ED9BB6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: D786BB82E700C0EEA0D955CC45C74705
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 93F907B806A20989D2AA3ED02E3BCAD9
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3385153130245524089
Frame ID: A60F8750FD791BDD27BB63049F6F9E87
Requests: 1 HTTP requests in this frame

Frame: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
Frame ID: 7316F6B47A7B9A5786939B6C3928E47B
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=251F9F75-7846-4790-9F93-A251411270C8
Frame ID: 836B6DBFFC290AD476422ACF5442EB63
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 661D7CCAF6F4775BFA6B37A4BE83A70E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E728FA49564DFC3F8E7743C457170FC6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003
Frame ID: B0D73DBC0E7376CC529D86059A1F759E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=251F9F75-7846-4790-9F93-A251411270C8&ex=pubmatic.com
Frame ID: 7D25DB35160028F020BE6E2F1A3871AE
Requests: 1 HTTP requests in this frame

Frame: https://htlp.emp-online.ch/htlp_c.html?wt_mc=pt.connects._117581_._NNNNN_._Post-View%20Partner_._WWWWW_.&lea_source=2021071123401052684812799X117581V1541143261MS96186200161843302757754011652012
Frame ID: DE3A907D24AD4FC37D5E7296559A0419
Requests: 5 HTTP requests in this frame

Frame: https://www.adtracker.ch/upload/1x1.gif?x=1&lea_source=2021071123401052684812797X117581V1422143551MS96186200161843302757754011652012
Frame ID: 71138265387A53D6B1DDA169F50BF5C5
Requests: 1 HTTP requests in this frame

Frame: https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg
Frame ID: DE4B5189ACF90292BEE5A44D74AC032F
Requests: 1 HTTP requests in this frame

Frame: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
Frame ID: 1FFAD302DBE93848E1AC848B20409314
Requests: 8 HTTP requests in this frame

Frame: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Frame ID: DC22CF20DF7B56322AC03F5810C962C9
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A4751ADAC16300690EF4D913E9E15CE4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6278D17AD78CD13E7768460E675CE9CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

151
Requests

99 %
HTTPS

34 %
IPv6

50
Domains

75
Subdomains

56
IPs

10
Countries

1387 kB
Transfer

3362 kB
Size

46
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://pilotdiarystore.com/products/silicone-bowl-bong-slides
Title: pilotdiarystore.com/products/silicone-bowl-bong-slides

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://sb.scorecardresearch.com/b?c1=2&c2=8354559&ns__t=1626039608085&ns_c=UTF-8&cv=3.5&c8=Noel%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1626039608085&ns_c=UTF-8&cv=3.5&c8=Noel%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&c9=

Request Chain 42

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_ox-db5_dm_cnv_n-amobee HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_ox-db5_dm_cnv_n-amobee&dcc=t

Request Chain 46

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Request Chain 47

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=3741028058712879815&ex=districtm

Request Chain 51

https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3385153130245524089

Request Chain 64

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=IHwF-iB5U6A7fVf5cn1NqyB6Vvk7elCqJi-gei_u

Request Chain 65

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1738121145274390146

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIapmrS3aGQ-1QF6eVQSwJ4&google_cver=1

Request Chain 71

https://c1.adform.net/serving/cookie/match?party=14&cid=251F9F75-7846-4790-9F93-A251411270C8 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=251F9F75-7846-4790-9F93-A251411270C8

Request Chain 72

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBVnlFN0Ixc29BQURZamZYTTFwdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 74

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5279725587 HTTP 302
https://sync.1rx.io/usersync/tradedesk/30a274be-4682-48cb-b7b2-1a0afee7351e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JR-fdXhGR5Cfk6JRQRJwyA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 78

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d32d60eb-6538-4c00-a3c0-482e95a11c4c

Request Chain 79

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=30a274be-4682-48cb-b7b2-1a0afee7351e

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjUxRjlGNzUtNzg0Ni00NzkwLTlGOTMtQTI1MTQxMTI3MEM4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 81

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YOtlOQACwKFm3wA4 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YOtlOQACwKFm3wA4&gdpr=0&gdpr_consent=&_test=YOtlOQACwKFm3wA4

Request Chain 82

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3385153130245524089&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHQvQ_kprcnYDpdnwpVKONU&google_cver=1

Request Chain 84

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aef960eb-6538-4500-9c28-d4008cde801c&gdpr=0&gdpr_consent=

Request Chain 86

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=251F9F75-7846-4790-9F93-A251411270C8&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=251F9F75-7846-4790-9F93-A251411270C8&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jbCJP35E2uUSAVuwt5BLUMxf879WXDc-~A&gdpr=0&gdpr_consent=

Request Chain 88

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3741028058712879815&gdpr=0&gdpr_consent=

Request Chain 91

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=908d28e3-e290-11eb-9ad4-f9d7ba686671&gdpr=0&gdpr_consent=

Request Chain 92

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=988bc071-ed13-4ea0-af52-962784235851-60eb6539-4348&gdpr=0&gdpr_consent=

Request Chain 93

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=91608fde-f96d-44ab-ac1c-295d1d85b97a&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 94

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x7DZ38e1j4XcsYvclbGRjse2itzctoyPweN_N0LR

Request Chain 95

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_E0123999_14B84F33B&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 96

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KQZQ001P-21-2ZYY&ex=d-rubiconproject.com&status=ok

Request Chain 97

https://ad12.ad-srv.net/request.php?zone=8vtifwpeqz6l&nw=14&renderingType=javascript&namespace=fd958d3bed&subid=&uid=e056f50760a4b92d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=%5BEXTVARS_QUERYPARAMS%5D&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D1379896%2526a%253D188772%2526t%253D1626039608752%2526l%253D44%2526p%253D3%2526appid%253D%2526aa%253D60eb6538-0005-0b81-08bb-c96f2e090811%2526gdpr%253D0%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2Chttps%3A%2F%2Flookbook.nu&random=6841428719768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad12.ad-srv.net/request.php?zone=8vtifwpeqz6l&nw=14&renderingType=javascript&namespace=fd958d3bed&subid=&uid=e056f50760a4b92d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=%5BEXTVARS_QUERYPARAMS%5D&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D1379896%2526a%253D188772%2526t%253D1626039608752%2526l%253D44%2526p%253D3%2526appid%253D%2526aa%253D60eb6538-0005-0b81-08bb-c96f2e090811%2526gdpr%253D0%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2Chttps%3A%2F%2Flookbook.nu&random=6841428719768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 99

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQZQ001P-21-2ZYY&sigv=1&esig=2~ccf6086b73aee1321aaa0c500fdb5bfc5a88dae2

Request Chain 100

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FaUTAwMVAtMjEtMlpZWQ==

Request Chain 101

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQzMzI5YTk2OWUyMWFkZGQxMWJlZjNkOTg2MzRmZTQ0MzY1ZWFlZg

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDSSTzVbhGjOa-rIQY3ZcUU&google_cver=1

Request Chain 104

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YOtlOQACfmN-SwBg HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YOtlOQACfmN-SwBg&_test=YOtlOQACfmN-SwBg

Request Chain 105

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/K-eSzdyMO7Z8caBQzVZC9Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6413573067299030089

Request Chain 107

https://cct.connects.ch/tpv.php?t=117581V1541143261M&subid=96186200161843302757754011652012&gdpr=&gdpr_consent= HTTP 302
https://htlp.emp-online.ch/htlp_c.html?wt_mc=pt.connects._117581_._NNNNN_._Post-View%20Partner_._WWWWW_.&lea_source=2021071123401052684812799X117581V1541143261MS96186200161843302757754011652012

Request Chain 108

https://cct.connects.ch/tpv.php?t=117581V1422143551M&subid=96186200161843302757754011652012&gdpr=&gdpr_consent= HTTP 302
https://www.adtracker.ch/upload/1x1.gif?x=1&lea_source=2021071123401052684812797X117581V1422143551MS96186200161843302757754011652012

Request Chain 109

https://www.awin1.com/cshow.php?s=2528696&v=13872&q=368718&r=278235&pref1=96186200161843302757754011652012&gdpr=&gdpr_consent= HTTP 302
https://kaspersky.commander1.com/v3/?tcs=1987&cmp=Kaspersky&chn=AffiliateAffilinet&src=nay_an_de-278235&url=https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg HTTP 302
https://kaspersky.commander1.com/v3/?firsttime=1&tcs=1987&cmp=Kaspersky&chn=AffiliateAffilinet&src=nay_an_de-278235&url=https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg HTTP 302
https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg

Request Chain 114

https://cct.connects.ch/tb.php?t=117581V1541144753B&subid=96186200161843302757754011652012&gdpr=&gdpr_consent= HTTP 302
https://media.acfrg.com/banner/de/Entertainment/234x060B.gif

Request Chain 115

https://cct.connects.ch/tb.php?t=117581V1422140455B&subid=96186200161843302757754011652012&gdpr=&gdpr_consent= HTTP 302
https://www.adtracker.ch/upload/miniSchoggi/Banner/min_ad_234x60_v2_08032017_de.gif

Request Chain 116

https://www.awin1.com/cshow.php?s=2528696&v=13872&q=368718&r=278235&pref1=96186200161843302757754011652012&gdpr=&gdpr_consent= HTTP 302
https://kaspersky.commander1.com/v3/?tcs=1987&cmp=Kaspersky&chn=AffiliateAffilinet&src=nay_an_de-278235&url=https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg HTTP 302
https://kaspersky.commander1.com/v3/?firsttime=1&tcs=1987&cmp=Kaspersky&chn=AffiliateAffilinet&src=nay_an_de-278235&url=https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg HTTP 302
https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg

151 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9459338-Noel Show response
lookbook.nu/user/ 26 KB
8 KB 609ms
589ms Document
text/html 2606:4700:3034::6815:48a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:48a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f57bd2603890923332799b25a61df01939eb2317af8a300156b51fb0827243

Request headers

:method: GET
:authority: lookbook.nu
:scheme: https
:path: /user/9459338-Noel
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding
x-ua-compatible: IE=Edge,chrome=1
cache-control: max-age=0, private, must-revalidate
set-cookie: last_op_at=1626039607; path=/ _lookbook_session=BAh7C0kiD3Nlc3Npb25faWQGOgZFVEkiJTYwMGZlM2VkZTFiMjkwOGIyMjE5NGUwYmUwNjAyMGEyBjsAVEkiEG1vYmlsZV92aWV3BjsARkZJIgpnZW9pcAY7AEZ7DjoRY291bnRyeV9jb2RlIgdkZToSY291bnRyeV9jb2RlMyIIREVVOhFjb3VudHJ5X25hbWUiDEdlcm1hbnk6C3JlZ2lvbiIHMDU6EHJlZ2lvbl9uYW1lIgtIZXNzZW46CWNpdHkiDkZyYW5rZnVydDoQcG9zdGFsX2NvZGUiCjYwMzEzOg1sYXRpdHVkZWYTNTAuMTE2Njk5MjE4NzU6DmxvbmdpdHVkZWYWOC42ODMzMDAwMTgzMTA1NDdJIgtsb2NhbGUGOwBGSSIHZW4GOwBGSSIOcGFnZXZpZXdzBjsARmkGSSIQX2NzcmZfdG9rZW4GOwBGSSIxUkFaWG52RHozc3V5aVRINHZSQUk0ZGVTKzBWUklWbGJLWnpIUUJEcEhxMD0GOwBG--b772b3f99a9c2f6934e3ab3d641ffaee6eefaef6; domain=.lookbook.nu; path=/; expires=Sun, 18-Jul-2021 21:40:07 GMT; HttpOnly
x-request-id: 8c1d379773897b261c1cbfa7328394a8
x-runtime: 0.041569
x-rack-cache: miss
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ipyzobRjmTxraOot9Dqfi30AMtlbLev2DBktgBXcUpQ7IzQmGTmHz0x88JuUG79W%2F1aoscrra%2BgsQE28CxFrpslP14xnJvZS9LymiqayDnvPwtKTfHb8GRt6MWxGkHnT4kI2Z94%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66d530390e13c2ef-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 application-e4fe603c2b70ce160ad7d335edb27021.css
lbstatic.nu/assets/ 575 KB
71 KB 53ms
27ms Stylesheet
text/css 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9aab9a81ed9cdb217eefe585e153cc2f64ea8792d5adf9060538a9b0b44ce4f

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 5454
etag: W/"60d93537-8fa63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=grFrAxmTzBTsMDXjwZl1QSeJbh3UVQ7Chqi38KipRM4%2BZ1lVi1NgB5%2Fd%2F7s%2BxgAQVWjYj57UntFtQEHHbkutZtJZzYNi%2BBuWc03H4TZRyQxxqhCWuwAwlHjiPHBAWtlBPznGhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66d5303cedbe4ee0-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Jul 2022 21:04:38 GMT

GET
H2 200 application-a51a596c576aa3cdb24732f481827415.js Show response
lbstatic.nu/assets/ 556 KB
146 KB 64ms
38ms Script
application/javascript 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/application-a51a596c576aa3cdb24732f481827415.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 305030926c53938a6a6df942f51a6f19378407838dc1ec5996580a391af7efe2

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 3524
etag: W/"60d93537-8b111"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VAG5OUdmK5qj0Of6%2F2PmAe5kiHUYeZeT24IgADtL7Z3xjuImJFbO78%2BOe%2F8gJ%2FAQORmtWSGhrMwnrxOmiDmDulNq3eubXikcb%2B4u0a1bqrsTUxJ3SM6rdz6VKDohzGUk%2B8yK1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66d5303cedc04ee0-FRA

GET
H2 200 application-a5c0a1f256cf15442e90c66fb7c2b34b.js Show response
lbstatic.nu/assets/moo/ 91 KB
24 KB 42ms
16ms Script
application/javascript 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/moo/application-a5c0a1f256cf15442e90c66fb7c2b34b.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3b18ac8b2e0c6f6a051aa64130338b184036af8827228836b02d1c0da1fb66

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 3180
etag: W/"60d93537-16a25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=upuPSeMkExB319JZXHE2ugKJzuj0IBBoRkLYqkdbG1KjtyQJr8CUTJvtLtG8XHnADDmdK0SaXw2eRAio4xcpEPtn8ytrUN2wJQnSSe5vGdIFHzBv%2F%2BXIurU3FVvKG511ED3Cfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66d5303cedc34ee0-FRA

GET
H2 200 prox-new-6f58470807ac660d8f50fe544c823bba.png
lbstatic.nu/assets/logos/ 953 B
1 KB 16ms
15ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/logos/prox-new-6f58470807ac660d8f50fe544c823bba.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1852ec5957212ab1ddc679453216178799dd25a2c75985a885e7d467328795e1

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 109
content-length: 953
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-3b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8pWIdzMvWw38rMHWlPDitRfyxgZDkKF%2BfiyhsBrHvL%2FxQXDn7OUkUvN%2BVAExqFI4%2FcCQfDyBOCU4UbpeQxWz9gs%2B1AAqOFtzGNglaPBm1jSXJDfHc9K0L%2FSucQB3m3GsVwmazw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 66d5303d4eac4ee0-FRA

GET
H2 200 more-0b061e84918c4f68f8a0aad60ae58625.png
lbstatic.nu/assets/header/icons/ 19 KB
20 KB 19ms
19ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/header/icons/more-0b061e84918c4f68f8a0aad60ae58625.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b0df5acd41c11fc146d64795aa729d99370a98109ce1e441db4ac0b7f69d025

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 109
content-length: 19662
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-4cce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Hnq0iZ7siZdJM8w4gXcy4Duwk5NqIAFV4UHsGy6plua1XW9SBFUzZ6xLgoEAlE1VSw3Yv65HsqtYDTB0ttliMCFsxHoa1HX%2BYxDMNA5F0QNTryY%2FfmKtQr7LVGAxcdO%2B%2BEYOEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 66d5303d5eae4ee0-FRA

GET
H2 200 guy.gif
lbstatic.nu/assets/ 580 B
880 B 17ms
16ms Image
image/gif 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/guy.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d7600604cb30e42b1511c91d29c886de204d3f46d8c265b9c35b0960ccf8195

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 499
content-length: 580
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-244"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MAKTOXHgIDwVfAg2ocH%2BkhXPqYrvtHTN4VvxUXD7TQ1V5G34MtNAqIbB9PdY3W1JxtQLTZxlbpFq2D%2F93dRveelH%2ByebIEbTJwHtLj07bq%2Bzh5QxJT5mSq50DqMauZPr4x7l8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 66d5303d8f284ee0-FRA

GET
H2 200 ajax-loader-big-0d4c0c710c24223145d172f44db328d0.gif
lbstatic.nu/assets/ 3 KB
3 KB 18ms
17ms Image
image/gif 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/ajax-loader-big-0d4c0c710c24223145d172f44db328d0.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4568
content-length: 2608
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-a30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2SVl192cwGfXUKZ%2FysIEIMBw7tiTPGVmvaU59M5%2FXOVOCQ%2Fx9%2FlKucI53OS70jpkMti7w%2F3ZxgFZ9gEzQK7Y92rn8tLbJPn5rHSgIFwiuDfcpjo8jV5bWu6nqAKHz%2BjpT4mTGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 66d5303d8f2b4ee0-FRA

GET
H2 200 ajax-loader-fb-4fbe973b96349c727a1d97957527acc3.gif
lbstatic.nu/assets/ 723 B
1 KB 17ms
16ms Image
image/gif 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/ajax-loader-fb-4fbe973b96349c727a1d97957527acc3.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5320
content-length: 723
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-2d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aV9g1fr1f2g0xAMkCBa4JIyKLg3Rlfa24vq6iuoLnCwv0JA%2F7N6RoKWHuZUfgf7MdylTQLI9szSVVrO3XC8HZ%2Byk7J1pFBYfrUQCtDrpwweTk1Cjx8Oxb65M2dlH8Y5RmKQ%2FfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 66d5303d8f2d4ee0-FRA

GET
H2 200 arrow-up-white-5b97dd7bb071edf6b965bf452cda9fc2.svg
lbstatic.nu/assets/icons/ 686 B
922 B 17ms
17ms Image
image/svg+xml 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/icons/arrow-up-white-5b97dd7bb071edf6b965bf452cda9fc2.svg
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c53cb61e2947d208c306c8680d407115d7663d1920ef125ecdb1ffa417f22fcc

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 5505
etag: W/"60d93537-2ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eWiW%2FE41NGl74BlQxiJN2IxNXcpGPpKUB%2F0ct5YGcb%2BtbUp882%2FdEDcdAzvSjTBdCOn%2BOgk4Fo%2FD2BhIxljd8RIPMQvqJjgtwfKEgUJvGh5rxm3gOkTQpGAXqHsUJh%2BjVQFlaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66d5303d8f2f4ee0-FRA

GET
H2 200 quant.js Show response
edge.quantserve.com/ 24 KB
9 KB 24ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sun, 18 Jul 2021 21:40:07 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 68 KB
24 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b01f1d4f25f792a5aeaf377e16c55ac53a94ea3e5696d98ee6de29e74934d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "928 / 712 of 1000 / last-modified: 1625868492"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24112
x-xss-protection: 0
expires: Sun, 11 Jul 2021 21:40:07 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 64ms
34ms Script
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:30:35 GMT
content-encoding: gzip
server: Server
age: 571
etag: c457e964d47ff007ca9e04843536c474
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: solAsf6cT0znHo3.WmotmwzgHSp5bXCi
x-amz-cf-id: afk9QNCidCJatbiXR50vaK2XgJLjl1E9NOALRz4Jqxegt7zt2d2jBg==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed21592b9ac4f31c456cd8a88084e19bdd7e713b8408d3689e5532398c2f82c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Vmu9bO7S1YUa7X+cwMUXhg==
cross-origin-resource-policy: cross-origin
expires: Sun, 11 Jul 2021 21:52:58 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: qMvl13O3iZma2G/5C8mBm+TPtFw785CWNsiGa2oNbl4YWMZ4DRyfCF6o+nlqF2vDtDm0Ege5Evff7wIwJIzRfw==
x-fb-trip-id: 917726464
x-fb-content-md5: 9fa739dce7ff9e227a9f4994525b627d
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Sun, 11 Jul 2021 21:40:07 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d1146e81789a0f25e708ec7ac67ca3b5"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ProximaNova-Regular.woff
lbstatic.nu/assets/ 85 KB
85 KB 36ms
21ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Regular.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f73ec26d9716363ea8ea73560d10f91d63cf18e32103bcead35559ba1ac361

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 96
etag: W/"60d93537-155b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NxuPFW8TbWT0myTESRM6f2MdM52GcdQsZWsM1yocFDH6fjztAl%2FZ9JyBv%2BEvhyQblEEk%2FSlSazeLZijzV6WMbw2jSSvCa7bZRe%2FCWSfA%2F5KtvkjLrFURNifWkehYj%2FA0j6cAcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66d5303daca34e19-FRA

GET
H2 200 ProximaNova-Bold.woff
lbstatic.nu/assets/ 76 KB
76 KB 31ms
20ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Bold.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cfab6a75576c6827a6d5dd7f823e993678ee3161fed858ca4bb51ae8ce96677

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 96
etag: W/"60d93537-12e63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6PKTehpvIcAMG%2FC%2BQy%2B2Mcr2xL7V2cU6EcFtphg2%2FSutCo7chF0IKHNteKmED7Q8uYjEyMT1%2FuEAUUYDMr68eGpdf6hPtIQaF6k8uI%2F458FDVo8x7STenN9lNh8RGZHIJAaUVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66d5303daca84e19-FRA

GET
H2 200 fontawesome-webfont-6a928d6875c980852c3823caf78dfc43.woff2
lbstatic.nu/assets/ 55 KB
56 KB 24ms
14ms Font
application/octet-stream 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/fontawesome-webfont-6a928d6875c980852c3823caf78dfc43.woff2?v=4.3.0
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5248
content-length: 56780
last-modified: Sun, 15 Jul 2018 18:53:39 GMT
server: cloudflare
etag: "5b4b9833-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=khFvkVFXQ1nSvJo7grO1xhcbP3ANA1oEkrYDeJEfYBTnZtPt%2F1mykjbsBTMq1C5FtM%2FhNgM0HrfvipKLksTlC9XXDLHAiQEafm3AsNAuk3%2B%2Brz%2FnAPx6Wtjvy3L8%2BI54wxaXBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 66d5303daca74e19-FRA

GET
H2 200 ProximaNova-Semibold.woff
lbstatic.nu/assets/ 80 KB
80 KB 26ms
19ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Semibold.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 299920669c7ec8c0add3c58f21eea89871a531545df0b8d70c46db2f44ff4cc4

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 96
etag: W/"60d93537-13e7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=omy8murnY1PMiRCzGtCkUbvCcc3DeONLalSooWDkLsTEKi5ZlyEVDw0ttz7vjmxMQv6ef5NdSzPLXfWIN01UKSI8%2FRoqr1%2F8%2BhDLhQ2F%2BFtXA74ba7y9iKGDhWEqk3zMZ79VEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66d5303daca44e19-FRA

GET
H2 200 ProximaNova-Light.woff
lbstatic.nu/assets/ 91 KB
90 KB 13ms
13ms Font
application/font-woff 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Light.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202f5a44ef1b1fac13c36c93eee29c52cd61f6e4f3f3ccbc35ce23683cc605bd

Request headers

Origin: https://lookbook.nu
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
age: 4400
etag: W/"60d93537-16c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JwB1P8dbZx08coaQAttvaXrUhTgnYbhiR2gRs5oKk8WELCty2XseK5ZL%2BVZMkwJv58Ewln9JNgrIt%2B3bANFpo8vzce8Pgu7%2BzT95WNRQUjuvn%2F3jSmAHE%2BUN63SBoQMnF72kSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66d5303dccfd4e19-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6967
date: Sun, 11 Jul 2021 19:44:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sun, 11 Jul 2021 21:44:00 GMT

GET
H2 200 rules-p-15_abpQY22gxg.js Show response
rules.quantcount.com/ 3 B
438 B 45ms
16ms Script
application/javascript 2600:9000:2190:f600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-15_abpQY22gxg.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:f600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 13:23:50 GMT
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
age: 29779
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:43:01 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: gyrj9HqF7l361-nDzJZb5VQ9ycUUX3fwM296OJRoggueZ-_ujCQfeg==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 42ms
13ms Script
application/javascript 13.224.99.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-14.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:25:52 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 856
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: Sa2AVY1v0nOcpVZmBAMCG3np2SATvSP_2GpCVLwVofKRJcnKAWUNiQ==

GET
H2 200 new_sprite.png
lbstatic.nu/assets/ 26 KB
26 KB 12ms
12ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/new_sprite.png?cb=9
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca1fb4990a3abf9e6bba05433ed88ac85bfc8471a273c9c306a7685ace89d26

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1867
content-length: 26481
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-6771"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QUVNDG7YIMnp2sgJeg9mjWrfrsw2ih0vxZgVL9TmtMGaQP4zbLSUA1yuMZgBmaoDcDJZD4BZRE0CSAYDzdFAl3wK0cIloIeuQ7k2IWSOswp6Q49ghQtWxMScsrJF51HwNbdPqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 66d5303de82b4ee0-FRA

GET
H2 200 bubble-e7fec504b573a5fe7aa9a6f1b12e7976.png
lbstatic.nu/assets/ 294 B
629 B 11ms
11ms Image
image/png 2606:4700:20::681a:12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/bubble-e7fec504b573a5fe7aa9a6f1b12e7976.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd66670e33f248ddc8f8accfb0173af1e10af2389bd59f04ff148ed3e7ff3025

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 109
content-length: 294
last-modified: Mon, 28 Jun 2021 02:34:31 GMT
server: cloudflare
etag: "60d93537-126"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ak8V%2FLLgvQaTMrhkSMil5hGLMc30qrC%2FUxKxdyZbLbVCq%2B5z0OfW1Ai4vgdnj3kyoYsDy5CePnnX0J6Mo2YSCr1JtXlTAwg2KAO65H%2BL94BF1LIgK%2Bfh6xYXLe07aJlS5YXroQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 66d5303e18ce4ee0-FRA

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 228 KB
66 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c5b22c3bedd7af5fb02b269160a852fc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ea21cbab901996205857c8fe0ab2e6f54d0c28bd497cadc6836df3f7b196e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://lookbook.nu
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /hL/vAPBMGdI6BJfPgLI7w==
cross-origin-resource-policy: cross-origin
expires: Mon, 11 Jul 2022 20:33:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67897
x-fb-rlafr: 0
x-fb-debug: yw1bbvyT6/JsOlRF88x9r6eE5wu0hZ42yvasLXSfSUaJDgy2qUcC+CzUT6kBw2B/097dD+onSBjpsic8KkoVYg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 69736a9597efc53c7cc0ef7909ea7e8e
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 11 Jul 2021 21:40:08 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6ef4ac4f3b7adc630584d9874d9e37de"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 pubads_impl_2021070101.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 73ms
28ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 08:37:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117092
x-xss-protection: 0
expires: Sun, 11 Jul 2021 21:40:08 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 62 B
721 B 76ms
29ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lookbook.nu

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

49027a43e5d8327a503757b65fe0fcc586029d6d84c3390eddf68b3fc443cbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64
x-xss-protection: 0
expires: Sun, 11 Jul 2021 21:40:08 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-4019432-1&cid=1885889162.1626039608&jid=1518370167&gjid=1507257198&_gid=1562436812.1626039608&_u=YGBAgAABAAAAAE~&z=266375705

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 11 Jul 2021 21:40:08 GMT
content-type: text/plain
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=873114418&t=pageview&_s=1&dl=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&dp=%2Fuser%2F9459338&ul=en-us&de=UTF-8&dt=Noel%20%7C%20Lookbook&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1518370167&gjid=1507257198&cid=1885889162.1626039608&tid=UA-4019432-1&_gid=1562436812.1626039608&cg1=User%20Profiles&z=1811799460

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 05:31:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58122
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 135 B
513 B 169ms
168ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&pid=VpGgNLivFvtw3&cb=0&ws=1600x1200&v=7.66.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F1093101%2Fex_hp_728x90%22%7D%5D&cfgv=0&pubid=32930239-e300-4e84-8205-3dc868716562&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 0bca5dd458211bdc84100848e395d084151bd6554beb61476b8d66112a05d3fb

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lookbook.nu
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 138
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
x-amz-cf-id: Z8oIuKnRk6xIJSL1dKQDMOuz3zEX3b2k9f-Y8-j7IBNpH_R0kqXUJA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 40ms
15ms XHR
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 82217
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Sat, 10 Jul 2021 22:49:52 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: y0eFSKIcmv2asE5L2LJw9ZsJocdOBHl4_q59Vb4rHVKYhnI96a9f6g==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8354559&ns__t=1626039608085&ns_c=UTF-8&cv=3.5&c8=Noel%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1626039608085&ns_c=UTF-8&cv=3.5&c8=Noel%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&c9=

64 B
329 B

19ms
19ms

Image
image/gif

13.224.99.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1626039608085&ns_c=UTF-8&cv=3.5&c8=Noel%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&c9=
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-14.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: psOar5eDgVQ2JpbRjaRB0lsUFIPxxBio63gWhWqWAuWARHW7nxw3IA==

Redirect headers

date: Sun, 11 Jul 2021 21:40:08 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&ns__t=1626039608085&ns_c=UTF-8&cv=3.5&c8=Noel%20%7C%20Lookbook&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&c9=
content-length: 191
x-amz-cf-id: D1taXoTAg4hls3CwEz5UIVkCM7pAjod4kZW3FlcMXr_zX3OBKFd7jA==

GET
H2 200 pixel;r=1220243035;rf=0;a=p-15_abpQY22gxg;url=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel;uht=2;fpan=1;fpa=P0-1374239706-1626039608087;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=...
pixel.quantserve.com/ 35 B
371 B 12ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1220243035;rf=0;a=p-15_abpQY22gxg;url=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel;uht=2;fpan=1;fpa=P0-1374239706-1626039608087;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=lookbook.nu;je=0;sr=1600x1200x24;dst=1;et=1626039608087;tzo=-120;ogl=site_name.Lookbook%2Ctitle.Noel%2Ctype.lookbook-nu%3Auser%2Curl.http%3A%2F%2Flookbook%252Enu%2Fuser%2F9459338-Noel%2Cimage.%2F%2Flbstatic%252Enu%2Fassets%2Fguy%252Egif%2Cdescription.Best%20Smoke%20Shops%20Near%20Me

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 56ms
40ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=71607949800&input_token&origin=1&redirect_uri=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c5b22c3bedd7af5fb02b269160a852fc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ja1h/gmOBR9qpZFz5Zt1hUTHqV/4RCoObEHt7XfYGIsSsLq8U6UbgbIPd0UyJUbJaxUQM1/sz3u1G32/KXlhtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 11 Jul 2021 21:40:08 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 33ms
13ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 452ms
426ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4145019307699380&correlator=2361541199233914&output=ldjh&impl=fifs&eid=31061649%2C31061758%2C31061330%2C31061716%2C31061217%2C44743203&vrg=2021070101&ptt=17&sc=1&sfv=1-0-38&ecs=20210711&iu_parts=1093101%2Cex_hp_300x250%2Cex_hp_btf_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%7C300x250%2C300x250&eri=1&cust_params=d6%3D6%26d20%3D15%26brand%3D%26leadersize%3D728x90%26sideadsize%3D300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1626039608&dt=1626039608197&dlt=1626039607797&idt=365&frm=20&biw=1600&bih=1200&oid=3&adxs=990%2C990&adys=64%2C768&adks=1276300409%2C1030487218&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250%7C300x250&msz=300x250%7C300x-1&ga_vid=1885889162.1626039608&ga_sid=1626039608&ga_hid=873114418&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

48bd8a607989bdf4c7a110d26d2922aeb510f97688ff4226e6cc0a6a87515a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4760
x-xss-protection: 0
google-lineitem-id: -2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 929A 6 KB
3 KB 45ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 11 Jul 2021 21:40:08 GMT
expires: Mon, 11 Jul 2022 21:40:08 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 27ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 B
269 B 162ms
162ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4145019307699380&correlator=2622388999815383&output=ldjh&impl=fifs&eid=31061649%2C31061758%2C31061330%2C31061716%2C31061217%2C44743203&vrg=2021070101&ptt=17&sc=1&sfv=1-0-38&ecs=20210711&iu_parts=1093101%2Cex_hp_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=d6%3D6%26d20%3D15%26brand%3D%26leadersize%3D728x90%26sideadsize%3D300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1626039608&dt=1626039608265&dlt=1626039607797&idt=365&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=64&adks=3286650984&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x0&msz=980x0&ga_vid=1885889162.1626039608&ga_sid=1626039608&ga_hid=873114418&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

d2d124ddb0bb761c045744286a65eba3d53bdaa0e0ce9d4c1b7a33e4736b6f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 58A5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_ox-db5_dm_cnv_n-amobee
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_ox-db5_dm_cnv_n-amobee&dcc=t

257 B
943 B

200ms
200ms

Document
text/html

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_ox-db5_dm_cnv_n-amobee&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: ac2611aa7c5619772321940af938294a3302f9ac2db71561a984be33c009d01b

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://lookbook.nu/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A0ZMGdsQH0MslCSyM2DjJsw|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

Server: Server
Date: Sun, 11 Jul 2021 21:40:08 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 206
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A0ZMGdsQH0MslCSyM2DjJsw; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 21:40:08 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 21:40:08 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sun, 11 Jul 2021 21:40:08 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_ox-db5_dm_cnv_n-amobee&dcc=t
Set-Cookie: ad-id=A0ZMGdsQH0MslCSyM2DjJsw|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 21:40:08 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame C749 1 KB
942 B 47ms
46ms Document
text/html 52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=ox-db5_dm_cnv_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_ox-db5_dm_cnv_n-amobee&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 4fdc97e2ac571b50ecdd5ae9e0cb93540430c0326ccf2343a8546e98ea267d73

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_ox-db5_dm_cnv_n-amobee&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A0ZMGdsQH0MslCSyM2DjJsw; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_ox-db5_dm_cnv_n-amobee&dcc=t

Response headers

Server: Server
Date: Sun, 11 Jul 2021 21:40:08 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 581
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
H3-29 200 container.html Show response
4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EFD5 6 KB
3 KB 19ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 11 Jul 2021 21:40:08 GMT
expires: Mon, 11 Jul 2022 21:40:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830134516437"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27897
x-xss-protection: 0
expires: Sun, 11 Jul 2021 21:40:08 GMT

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame 1400
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...

628 B
723 B

28ms
28ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=ox-db5_dm_cnv_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 2638fd10032e14c3b6193896ec54c8bb14657f49fb71a67fbd1710abc28fe899

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=19fc67f9-22dd-0b72-1020-15993b28e6a8|1626039608
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=19fc67f9-22dd-0b72-1020-15993b28e6a8|1626039608; Version=1; Expires=Mon, 11-Jul-2022 21:40:08 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1626039608|gen0vNiygu; Version=1; Expires=Mon, 26-Jul-2021 21:40:08 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.210.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 11 Jul 2021 21:40:08 GMT
content-type: text/html
content-length: 391
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=19fc67f9-22dd-0b72-1020-15993b28e6a8|1626039608; Version=1; Expires=Mon, 11-Jul-2022 21:40:08 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.210.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date: Sun, 11 Jul 2021 21:40:08 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 2F7E
Redirect Chain

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
https://aax-eu.amazon-adsystem.com/s/ecm3?id=3741028058712879815&ex=districtm

43 B
344 B

98ms
49ms

Document
image/gif

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=3741028058712879815&ex=districtm
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=ox-db5_dm_cnv_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A0ZMGdsQH0MslCSyM2DjJsw; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sun, 11 Jul 2021 21:40:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Server: nginx/1.17.9
Date: Sun, 11 Jul 2021 21:40:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=3741028058712879815&ex=districtm
AN-X-Request-Uuid: 50f50d9e-deac-4b6b-99da-1614ad02c591
Set-Cookie: uuid2=3741028058712879815; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 09-Oct-2021 21:40:08 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 185.9.18.83; 185.9.18.83; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H2 204 current
amazon-tam-match.dotomi.com/match/bounce/ Frame 1DB9 0
0 92ms
61ms Document
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=ox-db5_dm_cnv_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: amazon-tam-match.dotomi.com
:scheme: https
:path: /match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sun, 11 Jul 2021 21:40:08 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D786 14 KB
5 KB 82ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=ox-db5_dm_cnv_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=81567
expires: Mon, 12 Jul 2021 20:19:35 GMT
date: Sun, 11 Jul 2021 21:40:08 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 93F9 281 B
554 B 58ms
19ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=ox-db5_dm_cnv_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 11 Jul 2021 21:40:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame A60F
Redirect Chain

https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3385153130245524089

43 B
344 B

49ms
49ms

Document
image/gif

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3385153130245524089
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=ox-db5_dm_cnv_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A0ZMGdsQH0MslCSyM2DjJsw; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sun, 11 Jul 2021 21:40:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=3385153130245524089; Domain=.turn.com; Expires=Fri, 07-Jan-2022 21:40:08 GMT; Path=/; Secure; SameSite=None
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3385153130245524089
content-length: 0
date: Sun, 11 Jul 2021 21:40:08 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EFD5 0
0 53ms
53ms Fetch
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-tmZOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMkBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjEfSSbGCpBTh9V6z4FOnX7Czl4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItMDc5MDg5NDE0ODQ1MTc4NQ&sigh=SKyXheQIvgw
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200 Cookie set ShowAd Show response
brain.rvty.net/RTB/ Frame 7316 2 KB
2 KB 66ms
23ms Document
text/html 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
Requested by: Host: 4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com
URL: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 9d374f5440583796de4ca7a94968168b5177be11aa103b3382f637a7c7deb4af

Request headers

Host: brain.rvty.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/

Response headers

Server: nginx/1.13.4
Date: Sun, 11 Jul 2021 21:40:08 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: RTBUserId=908de8ad-1902-4d6e-9e35-86f714e5bc3e; path=/; SameSite=None; secure; Expires=Mon, 11 Jul 2022 23:40:08 CEST RTBUserId-Old=908de8ad-1902-4d6e-9e35-86f714e5bc3e; path=/; secure; Expires=Mon, 11 Jul 2022 23:40:08 CEST RTBUserId-Plain=908de8ad-1902-4d6e-9e35-86f714e5bc3e; path=/; Expires=Mon, 11 Jul 2022 23:40:08 CEST
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding: gzip

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame EFD5 3 KB
1 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com
URL: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 21:25:42 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFD5 123 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com
URL: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Sun, 11 Jul 2021 21:40:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame EFD5 14 KB
6 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com
URL: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:39:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 21:39:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EFD5 0
0 14ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnoW7WbTBjBXchGL3f8U3qD3tMI3zyqvZVBsot3HVGQWlpYbh81cVK7lW3_rByMyr6wlEh_4UOnKKJBzp9lzsdruM6yw
Requested by: Host: 4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com
URL: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EFD5 22 KB
7 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com
URL: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jul 2022 12:04:30 GMT

GET
DATA 200
OK truncated
/ Frame EFD5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52c63a6caba14c7b8f9c4925792bdf4d3d70ca5929497deac82135e9a2173ebf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 93F9 31 KB
9 KB 25ms
25ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b2a85c91c46dcb480f5253cbf0cfc61a63eb1a296b065deb2f7e8e52f8e99694

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 21:40:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11530
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9274
Expires: Mon, 12 Jul 2021 00:52:18 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D786 4 KB
4 KB 81ms
26ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99044042&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 62a3db024852723b27a9a2dba164c4caf1576b9bd58a82ee287b44afaa51b330

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK ads_view.js Show response
cdn.rvty.net/view/ Frame 7316 3 KB
4 KB 65ms
21ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/view/ads_view.js
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 21:40:08 GMT
Last-Modified: Fri, 20 Dec 2019 09:27:25 GMT
Server: nginx/1.13.4
ETag: "5dfc93fd-d40"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3392

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1400 43 B
344 B 49ms
49ms Image
image/gif 52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=928624dd-97f0-8f7f-8af8-5fe6373c1eb5
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jul 2021 21:40:08 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1400
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=IHwF-iB5U6A7fVf5cn1NqyB6Vvk7elCqJi-gei_u

43 B
180 B

28ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=IHwF-iB5U6A7fVf5cn1NqyB6Vvk7elCqJi-gei_u
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=IHwF-iB5U6A7fVf5cn1NqyB6Vvk7elCqJi-gei_u
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1400
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1738121145274390146

43 B
106 B

31ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1738121145274390146
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1738121145274390146
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 1400 70 B
265 B 157ms
50ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=ca5058a0-8b5a-3485-4af6-dd715f0fd555&gdpr=0
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 1400 170 B
243 B 70ms
26ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTYzZjhiNmEtNDIyZC02YTIxLTVmMTYtODdjODk1ZWQxYjM1

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1400
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIapmrS3aGQ-1QF6eVQSwJ4&google_cver=1

43 B
106 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIapmrS3aGQ-1QF6eVQSwJ4&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIapmrS3aGQ-1QF6eVQSwJ4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 93F9 284 B
934 B 83ms
21ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/jpg

GET
H/1.1 200
OK 8vtifwpeqz6l Show response
ad.ad-srv.net/zone/ Frame 7316 11 KB
4 KB 68ms
23ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/8vtifwpeqz6l?subid=&gdpr=&gdpr_consent=[EXTVARS_QUERYPARAMS]&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D1379896%2526a%253D188772%2526t%253D1626039608752%2526l%253D44%2526p%253D3%2526appid%253D%2526aa%253D60eb6538-0005-0b81-08bb-c96f2e090811%2526gdpr%253D0%2526gdpr_consent%253D%2526dest%253D
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8b984d4972311b45d5301e5b8b426968e40105532c328b7c08faef65523a99ce

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 21:40:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3395
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 836B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=251F9F75-7846-4790-9F93-A251411270C8
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=251F9F75-7846-4790-9F93-A251411270C8

35 B
468 B

35ms
34ms

Document
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=251F9F75-7846-4790-9F93-A251411270C8

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=251F9F75-7846-4790-9F93-A251411270C8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 11 Jul 2021 21:40:08 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=5290743797014796755; expires=Thu, 09 Sep 2021 21:40:08 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Sun, 11 Jul 2021 21:40:08 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=251F9F75-7846-4790-9F93-A251411270C8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Wed, 11 Aug 2021 21:40:08 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 661D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBVnlFN0Ixc29BQURZamZYTTFwdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

43ms
43ms

Document
image/gif

52.30.92.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.92.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-92-119.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AAAVyE7B1soAADYjfXM1pw; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Sun, 11 Jul 2021 21:40:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Sun, 11 Jul 2021 21:40:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame E728 43 B
338 B 85ms
28ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sun, 11 Jul 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1152
date: Sun, 11 Jul 2021 21:40:08 GMT
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B0D7
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5279725587
https://sync.1rx.io/usersync/tradedesk/30a274be-4682-48cb-b7b2-1a0afee7351e
https://sync.targeting.unrulymedia.com/csync/RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003

42 B
268 B

25ms
25ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=251F9F75-7846-4790-9F93-A251411270C8; chkChromeAb67Sec=1; DPSync3=1627171200%3A201_197%7C1626566400%3A164%7C1626048000%3A174; SyncRTB3=1627171200%3A220_21_13_166_3_99_22_55_8_54_7_178_71_104_48%7C1626825600%3A63%7C1626566400%3A2_223_15%7C1627257600%3A35; KRTBCOOKIE_22=14911-3385153130245524089; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:aef960eb-6538-4500-9c28-d4008cde801c&KRTB&16736-uid:aef960eb-6538-4500-9c28-d4008cde801c&KRTB&23019-uid:aef960eb-6538-4500-9c28-d4008cde801c&KRTB&23114-uid:aef960eb-6538-4500-9c28-d4008cde801c; SPugT=1626039607; KRTBCOOKIE_80=22987-CAESEHQvQ_kprcnYDpdnwpVKONU&KRTB&16514-CAESEHQvQ_kprcnYDpdnwpVKONU&KRTB&23025-CAESEHQvQ_kprcnYDpdnwpVKONU; KRTBCOOKIE_57=22776-3741028058712879815; KRTBCOOKIE_377=6810-30a274be-4682-48cb-b7b2-1a0afee7351e&KRTB&22918-30a274be-4682-48cb-b7b2-1a0afee7351e&KRTB&23031-30a274be-4682-48cb-b7b2-1a0afee7351e; KRTBCOOKIE_153=19420-x7DZ38e1j4XcsYvclbGRjse2itzctoyPweN_N0LR&KRTB&22979-x7DZ38e1j4XcsYvclbGRjse2itzctoyPweN_N0LR; KRTBCOOKIE_218=22978-YOtlOQACwKFm3wA4&KRTB&23194-YOtlOQACwKFm3wA4&KRTB&23209-YOtlOQACwKFm3wA4&KRTB&23244-YOtlOQACwKFm3wA4; PugT=1626039608
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 11 Jul 2021 21:40:07 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003&KRTB&17107-RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 09-Oct-2021 21:40:07 GMT; path=/ PugT=1626039607; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 10-Aug-2021 21:40:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 09-Oct-2021 21:40:07 GMT; path=/
x-lat: amspug013:0:421
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Sun, 11 Jul 2021 21:40:09 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003%22%7D; path=/; expires=Mon, 11 Jul 2022 21:40:09 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003
etag: RX1e32e7c92ced437f98325e793cdba9fc003

GET
H/1.1 200
OK ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 7D25 43 B
344 B 52ms
49ms Document
image/gif 52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=251F9F75-7846-4790-9F93-A251411270C8&ex=pubmatic.com
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A0ZMGdsQH0MslCSyM2DjJsw; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: Server
Date: Sun, 11 Jul 2021 21:40:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D786
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JR-fdXhGR5Cfk6JRQRJwyA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

26ms
26ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=81567
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Mon, 12 Jul 2021 20:19:35 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame D786 0
66 B 53ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=251F9F75-7846-4790-9F93-A251411270C8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d32d60eb-6538-4c00-a3c0-482e95a11c4c

0
48 B

81ms
27ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d32d60eb-6538-4c00-a3c0-482e95a11c4c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 11 Jul 2021 21:40:08 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d32d60eb-6538-4c00-a3c0-482e95a11c4c
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 11 Jul 2021 21:40:07 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=30a274be-4682-48cb-b7b2-1a0afee7351e

42 B
291 B

24ms
24ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=30a274be-4682-48cb-b7b2-1a0afee7351e
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:377
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=30a274be-4682-48cb-b7b2-1a0afee7351e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjUxRjlGNzUtNzg0Ni00NzkwLTlGOTMtQTI1MTQxMTI3MEM4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
340 B

80ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:308
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YOtlOQACwKFm3wA4&gdpr=0&gdpr_consent=&_test=YOtlOQACwKFm3wA4

1 B
236 B

24ms
24ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YOtlOQACwKFm3wA4&gdpr=0&gdpr_consent=&_test=YOtlOQACwKFm3wA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:367
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626039609.156212,VS0,VE0
x-served-by: cache-fra19170-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YOtlOQACwKFm3wA4&gdpr=0&gdpr_consent=&_test=YOtlOQACwKFm3wA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3385153130245524089&gdpr=0&gdpr_consent=&us_privacy=

1 B
477 B

74ms
24ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3385153130245524089&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:299
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3385153130245524089&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHQvQ_kprcnYDpdnwpVKONU&google_cver=1

42 B
362 B

80ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHQvQ_kprcnYDpdnwpVKONU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:416
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHQvQ_kprcnYDpdnwpVKONU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aef960eb-6538-4500-9c28-d4008cde801c&gdpr=0&gdpr_consent=

42 B
511 B

38ms
24ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aef960eb-6538-4500-9c28-d4008cde801c&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:393
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 11 Jul 2021 21:40:08 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aef960eb-6538-4500-9c28-d4008cde801c&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 11 Jul 2021 21:40:07 GMT

GET
H2 200 251F9F75-7846-4790-9F93-A251411270C8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D786 43 B
836 B 105ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/251F9F75-7846-4790-9F93-A251411270C8?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=251F9F75-7846-4790-9F93-A251411270C8&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=251F9F75-7846-4790-9F93-A251411270C8&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jbCJP35E2uUSAVuwt5BLUMxf879WXDc-~A&gdpr=0&gdpr_consent=

0
260 B

33ms
26ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jbCJP35E2uUSAVuwt5BLUMxf879WXDc-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 11 Jul 2021 21:40:08 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jbCJP35E2uUSAVuwt5BLUMxf879WXDc-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 pubmatic
um.simpli.fi/ Frame D786 43 B
609 B 82ms
24ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 10 Jul 2021 21:40:08 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3741028058712879815&gdpr=0&gdpr_consent=

42 B
209 B

97ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3741028058712879815&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:09 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:456
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sun, 11 Jul 2021 21:40:08 GMT
X-Proxy-Origin: 185.9.18.83; 185.9.18.83; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9df6dcd4-7367-4ab5-9565-1ae688eb69e0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3741028058712879815&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame D786 0
103 B 17ms
11ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=251F9F75-7846-4790-9F93-A251411270C8&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:08 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame D786 0
88 B 421ms
105ms Image
text/plain 54.236.227.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.227.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-227-29.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=908d28e3-e290-11eb-9ad4-f9d7ba686671&gdpr=0&gdpr_consent=

1 B
216 B

24ms
24ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=908d28e3-e290-11eb-9ad4-f9d7ba686671&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:07 GMT
cache-control: no-store, no-cache, private
x-lat: amspug014:0:366
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=908d28e3-e290-11eb-9ad4-f9d7ba686671&gdpr=0&gdpr_consent=
Date: Sun, 11 Jul 2021 21:40:08 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 908d28e4-e290-11eb-9ad4-f9d7ba686671

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=988bc071-ed13-4ea0-af52-962784235851-60eb6539-4348&gdpr=0&gdpr_consent=

42 B
232 B

33ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=988bc071-ed13-4ea0-af52-962784235851-60eb6539-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:09 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:348
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:09 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=988bc071-ed13-4ea0-af52-962784235851-60eb6539-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=91608fde-f96d-44ab-ac1c-295d1d85b97a&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

24ms
23ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=91608fde-f96d-44ab-ac1c-295d1d85b97a&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:08 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:360
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=91608fde-f96d-44ab-ac1c-295d1d85b97a&gdpr=&gdpr_consent=&gdpr_pd=
date: Sun, 11 Jul 2021 21:40:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D786
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x7DZ38e1j4XcsYvclbGRjse2itzctoyPweN_N0LR

42 B
424 B

32ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x7DZ38e1j4XcsYvclbGRjse2itzctoyPweN_N0LR
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:09 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:548
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x7DZ38e1j4XcsYvclbGRjse2itzctoyPweN_N0LR
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame D786
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_E0123999_14B84F33B&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

144ms
144ms

Image
image/gif

204.2.255.233
NTT-COMMUNICATION...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.255.233 , United States, ASN2914 (NTT-COMMUNICATIONS-2914, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-309026409; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jul 2021 21:40:09 GMT
Cache-Control: no-cache
Expires: -1
Content-Length: 43
Strict-Transport-Security: max-age=-309026409; includeSubDomains
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Sun, 11 Jul 2021 21:40:07 GMT
cache-control: no-store, no-cache, private
x-lat: amspug009:0:417
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 93F9
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KQZQ001P-21-2ZYY&ex=d-rubiconproject.com&status=ok

43 B
344 B

48ms
48ms

Image
image/gif

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=KQZQ001P-21-2ZYY&ex=d-rubiconproject.com&status=ok
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jul 2021 21:40:09 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=KQZQ001P-21-2ZYY&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H/1.1

200
OK

request.php Show response
ad12.ad-srv.net/ Frame 7316
Redirect Chain

https://ad12.ad-srv.net/request.php?zone=8vtifwpeqz6l&nw=14&renderingType=javascript&namespace=fd958d3bed&subid=&uid=e056f50760a4b92d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x2...
https://ad12.ad-srv.net/request.php?zone=8vtifwpeqz6l&nw=14&renderingType=javascript&namespace=fd958d3bed&subid=&uid=e056f50760a4b92d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x2...

2 KB
1 KB

1119ms
52ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/request.php?zone=8vtifwpeqz6l&nw=14&renderingType=javascript&namespace=fd958d3bed&subid=&uid=e056f50760a4b92d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=%5BEXTVARS_QUERYPARAMS%5D&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D1379896%2526a%253D188772%2526t%253D1626039608752%2526l%253D44%2526p%253D3%2526appid%253D%2526aa%253D60eb6538-0005-0b81-08bb-c96f2e090811%2526gdpr%253D0%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2Chttps%3A%2F%2Flookbook.nu&random=6841428719768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 0cca1f2badb6a1b90d4601587403e9752e10e78fd2e4a12df71c659607a42903

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jul 2021 21:40:10 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 96186200161843302757754011652012
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 808
Expires: Sun, 11 Jul 2021 22:40:10 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 11 Jul 2021 21:40:09 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=8vtifwpeqz6l&nw=14&renderingType=javascript&namespace=fd958d3bed&subid=&uid=e056f50760a4b92d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=%5BEXTVARS_QUERYPARAMS%5D&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D1379896%2526a%253D188772%2526t%253D1626039608752%2526l%253D44%2526p%253D3%2526appid%253D%2526aa%253D60eb6538-0005-0b81-08bb-c96f2e090811%2526gdpr%253D0%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2Chttps%3A%2F%2Flookbook.nu&random=6841428719768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 11 Jul 2021 22:40:09 +0200

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 93F9 70 B
264 B 52ms
50ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 93F9
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQZQ001P-21-2ZYY&sigv=1&esig=2~ccf6086b73aee1321aaa0c500fdb5bfc5a88dae2

0
444 B

22ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQZQ001P-21-2ZYY&sigv=1&esig=2~ccf6086b73aee1321aaa0c500fdb5bfc5a88dae2

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:09 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQZQ001P-21-2ZYY&sigv=1&esig=2~ccf6086b73aee1321aaa0c500fdb5bfc5a88dae2
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 93F9
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FaUTAwMVAtMjEtMlpZWQ==

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FaUTAwMVAtMjEtMlpZWQ==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FaUTAwMVAtMjEtMlpZWQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 93F9
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQzMzI5YTk2OWUyMWFkZGQxMWJlZjNkOTg2MzRmZTQ0MzY1ZWFlZg

170 B
188 B

26ms
26ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQzMzI5YTk2OWUyMWFkZGQxMWJlZjNkOTg2MzRmZTQ0MzY1ZWFlZg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQzMzI5YTk2OWUyMWFkZGQxMWJlZjNkOTg2MzRmZTQ0MzY1ZWFlZg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 93F9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDSSTzVbhGjOa-rIQY3ZcUU&google_cver=1

42 B
691 B

190ms
29ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDSSTzVbhGjOa-rIQY3ZcUU&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDSSTzVbhGjOa-rIQY3ZcUU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 93F9 0
42 B 26ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:09 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 93F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YOtlOQACfmN-SwBg
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YOtlOQACfmN-SwBg&_test=YOtlOQACfmN-SwBg

42 B
691 B

148ms
28ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YOtlOQACfmN-SwBg&_test=YOtlOQACfmN-SwBg
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626039609.132306,VS0,VE0
x-served-by: cache-fra19170-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YOtlOQACfmN-SwBg&_test=YOtlOQACfmN-SwBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 93F9
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/K-eSzdyMO7Z8caBQzVZC9Mn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6413573067299030089

42 B
691 B

129ms
31ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6413573067299030089
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

date: Sun, 11 Jul 2021 21:40:09 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6413573067299030089
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EFD5 42 B
518 B 59ms
39ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUsdXPsvyGKsvNzZijaByLdiucFmrxEOnEXxP2z1Ub69I3dSk0DB9zHRHOjUOWwjSKowlR_kWm4gKfG_zWFVFbMHhjwRW2&sig=Cg0ArKJSzHUuRfTLQHWGEAE&id=lidar2&mcvt=1000&p=518,990,768,1290&asp=518,990,768,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210709&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1030487218&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626039608669&dlt=20&rpt=97&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

htlp_c.html Show response
htlp.emp-online.ch/ Frame DE3A
Redirect Chain

https://cct.connects.ch/tpv.php?t=117581V1541143261M&subid=96186200161843302757754011652012&gdpr=&gdpr_consent=
https://htlp.emp-online.ch/htlp_c.html?wt_mc=pt.connects._117581_._NNNNN_._Post-View%20Partner_._WWWWW_.&lea_source=2021071123401052684812799X117581V1541143261MS96186200161843302757754011652012

2 KB
3 KB

74ms
33ms

Document
text/html

2600:9000:2156:fa00:c:6264:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlp.emp-online.ch/htlp_c.html?wt_mc=pt.connects._117581_._NNNNN_._Post-View%20Partner_._WWWWW_.&lea_source=2021071123401052684812799X117581V1541143261MS96186200161843302757754011652012
Requested by: Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request.php?zone=8vtifwpeqz6l&nw=14&renderingType=javascript&namespace=fd958d3bed&subid=&uid=e056f50760a4b92d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=%5BEXTVARS_QUERYPARAMS%5D&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D1379896%2526a%253D188772%2526t%253D1626039608752%2526l%253D44%2526p%253D3%2526appid%253D%2526aa%253D60eb6538-0005-0b81-08bb-c96f2e090811%2526gdpr%253D0%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2Chttps%3A%2F%2Flookbook.nu&random=6841428719768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fa00:c:6264:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9ccee9255f473e47a7eff4e4dab7449a4b8ca3c88631e91bc3b28af7bec12a4

Request headers

:method: GET
:authority: htlp.emp-online.ch
:scheme: https
:path: /htlp_c.html?wt_mc=pt.connects._117581_._NNNNN_._Post-View%20Partner_._WWWWW_.&lea_source=2021071123401052684812799X117581V1541143261MS96186200161843302757754011652012
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://brain.rvty.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

content-type: text/html
content-length: 2488
date: Sun, 11 Jul 2021 21:40:11 GMT
last-modified: Mon, 17 Feb 2020 09:11:48 GMT
etag: "2ecc70a226fa7d1a1814eb985fd357a4"
x-amz-version-id: IOWeFwP7sU3esuP4PEVmnQ68vW6IhwwG
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4ViALzAaHBS7ZhSizleWGAZkF4rcp2DxHJc9L5DSJeWGhpa-MGpKCg==

Redirect headers

server: nginx
date: Sun, 11 Jul 2021 21:40:10 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID= 4calr9rrghchigss1f8vmurvov; SameSite=None; Secure ppv1541=2021071123401052684812799X117581V1541143261MS96186200161843302757754011652012; expires=Sun, 18-Jul-2021 21:40:10 GMT; Max-Age=604800; path=/; domain=.connects.ch; SameSite=None; secure; HttpOnly
location: https://htlp.emp-online.ch/htlp_c.html?wt_mc=pt.connects._117581_._NNNNN_._Post-View Partner_._WWWWW_.&lea_source=2021071123401052684812799X117581V1541143261MS96186200161843302757754011652012
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

1x1.gif Show response
www.adtracker.ch/upload/ Frame 7113
Redirect Chain

https://cct.connects.ch/tpv.php?t=117581V1422143551M&subid=96186200161843302757754011652012&gdpr=&gdpr_consent=
https://www.adtracker.ch/upload/1x1.gif?x=1&lea_source=2021071123401052684812797X117581V1422143551MS96186200161843302757754011652012

42 B
156 B

302ms
13ms

Document
image/gif

5.148.168.135
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adtracker.ch/upload/1x1.gif?x=1&lea_source=2021071123401052684812797X117581V1422143551MS96186200161843302757754011652012
Requested by: Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request.php?zone=8vtifwpeqz6l&nw=14&renderingType=javascript&namespace=fd958d3bed&subid=&uid=e056f50760a4b92d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=%5BEXTVARS_QUERYPARAMS%5D&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D1379896%2526a%253D188772%2526t%253D1626039608752%2526l%253D44%2526p%253D3%2526appid%253D%2526aa%253D60eb6538-0005-0b81-08bb-c96f2e090811%2526gdpr%253D0%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2Chttps%3A%2F%2Flookbook.nu&random=6841428719768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.148.168.135 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: www.adtracker.ch
:scheme: https
:path: /upload/1x1.gif?x=1&lea_source=2021071123401052684812797X117581V1422143551MS96186200161843302757754011652012
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://brain.rvty.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

date: Sun, 11 Jul 2021 21:40:10 GMT
server: Apache
last-modified: Tue, 10 Jul 2018 10:21:41 GMT
etag: "2a-570a27efbd740"
accept-ranges: bytes
content-length: 42
content-type: image/gif

Redirect headers

server: nginx
date: Sun, 11 Jul 2021 21:40:10 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID= c94lms4085bqkfmes6sldmsv4h; SameSite=None; Secure ppv1422=2021071123401052684812797X117581V1422143551MS96186200161843302757754011652012; expires=Tue, 13-Jul-2021 21:40:10 GMT; Max-Age=172800; path=/; domain=.connects.ch; SameSite=None; secure; HttpOnly
location: https://www.adtracker.ch/upload/1x1.gif?x=1&lea_source=2021071123401052684812797X117581V1422143551MS96186200161843302757754011652012
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

kaspersky_logo_green_120x60_white.jpg
media.kaspersky.com/de/affiliates/ Frame DE4B
Redirect Chain

https://www.awin1.com/cshow.php?s=2528696&v=13872&q=368718&r=278235&pref1=96186200161843302757754011652012&gdpr=&gdpr_consent=
https://kaspersky.commander1.com/v3/?tcs=1987&cmp=Kaspersky&chn=AffiliateAffilinet&src=nay_an_de-278235&url=https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg
https://kaspersky.commander1.com/v3/?firsttime=1&tcs=1987&cmp=Kaspersky&chn=AffiliateAffilinet&src=nay_an_de-278235&url=https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg
https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg

0
0

219ms
109ms

Document
image/jpeg

185.85.15.31
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg

Requested by

Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request.php?zone=8vtifwpeqz6l&nw=14&renderingType=javascript&namespace=fd958d3bed&subid=&uid=e056f50760a4b92d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=%5BEXTVARS_QUERYPARAMS%5D&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D1379896%2526a%253D188772%2526t%253D1626039608752%2526l%253D44%2526p%253D3%2526appid%253D%2526aa%253D60eb6538-0005-0b81-08bb-c96f2e090811%2526gdpr%253D0%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2Chttps%3A%2F%2Flookbook.nu&random=6841428719768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.85.15.31 , Russian Federation, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs Kaspersky Labs

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: media.kaspersky.com
:scheme: https
:path: /de/affiliates/kaspersky_logo_green_120x60_white.jpg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://brain.rvty.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

content-type: image/jpeg
last-modified: Fri, 28 Jun 2019 10:08:41 GMT
accept-ranges: bytes
etag: "8de2876992dd51:0"
server
x-powered-by: Kaspersky Labs Kaspersky Labs
x-frame-options: SAMEORIGIN
x-server: fr2/MSK6
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 11 Jul 2021 21:40:07 GMT
content-length: 20612

Redirect headers

Date: Sun, 11 Jul 2021 21:40:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private, max-age=486000, pre-check=486000
Pragma: private
Expires: Sat, 09 Oct 21 23:40:10 +0200
Set-Cookie: tc_cj_v2=%5B%21%21%24%27%24%7B%2F%20%5B%21%21%24%27%24%29%20%2FZZZ%29%7B4y%7B%29y~%20GLQRLMOZZZKPLPJMSPKJJJJZZZpc_q; expires=Mon, 11-Jul-2022 21:40:10 GMT; path=/; samesite=none; domain=kaspersky.commander1.com; secure tc_cj_v2_cmp=e%7B.%2B%20-.%264; expires=Mon, 11-Jul-2022 21:40:10 GMT; path=/; samesite=none; domain=kaspersky.commander1.com; secure TCID=202107112340106984180662; expires=Mon, 11-Jul-2022 21:40:10 GMT; path=/; samesite=none; domain=.commander1.com; secure
location: https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg
Server: web
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK request_content.php Show response
ad12.ad-srv.net/ Frame 1FFA 42 KB
8 KB 72ms
25ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
Requested by: Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request.php?zone=8vtifwpeqz6l&nw=14&renderingType=javascript&namespace=fd958d3bed&subid=&uid=e056f50760a4b92d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=%5BEXTVARS_QUERYPARAMS%5D&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D1379896%2526a%253D188772%2526t%253D1626039608752%2526l%253D44%2526p%253D3%2526appid%253D%2526aa%253D60eb6538-0005-0b81-08bb-c96f2e090811%2526gdpr%253D0%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com%2Chttps%3A%2F%2Flookbook.nu&random=6841428719768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 230ab07bf6fa231fda55859f912cb72d2c652928fec18367401069a5c977e7d3

Request headers

Host: ad12.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://brain.rvty.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: kdb0xdq3ls8m_uid=f70125de99b3dbcf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

Date: Sun, 11 Jul 2021 21:40:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 11 Jul 2021 22:40:10 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7903
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
cdn.rvty.net/_files/js/ Frame DC22 91 KB
91 KB 30ms
30ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 21:40:10 GMT
Last-Modified: Wed, 08 Jan 2020 08:13:37 GMT
Server: nginx/1.13.4
ETag: "5e158f31-16bb3"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93107

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
20ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:10 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad12.ad-srv.net/ Frame 1FFA 0
150 B 96ms
33ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/viewability?s=96186200161843302757754011652012&a=beb4193c&vb=m
Requested by: Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 21:40:10 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

234x060B.gif
media.acfrg.com/banner/de/Entertainment/ Frame 1FFA
Redirect Chain

https://cct.connects.ch/tb.php?t=117581V1541144753B&subid=96186200161843302757754011652012&gdpr=&gdpr_consent=
https://media.acfrg.com/banner/de/Entertainment/234x060B.gif

12 KB
13 KB

46ms
9ms

Image
image/gif

2600:9000:2156:1c00:13:99a2:1280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.acfrg.com/banner/de/Entertainment/234x060B.gif
Requested by: Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:13:99a2:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 03ba4b50317d21edccc468f1412ae13890a6fcc895aa29627227c2f2c29a4db4

Request headers

Referer: https://ad12.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 19:50:04 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
etag: "598c7e95-30b6"
last-modified: Thu, 10 Aug 2017 15:41:09 GMT
server: nginx
age: 6606
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12470
x-amz-cf-id: FmW9zee_QY3Gvqle5cqJhgvBSuEmFJ7ilQL1JWppqnxdDliYLKCT1g==

Redirect headers

location: https://media.acfrg.com/banner/de/Entertainment/234x060B.gif
date: Sun, 11 Jul 2021 21:40:10 GMT
x-content-type-options: nosniff
server: nginx
accept-ranges: bytes
x-xss-protection: 1; mode=block
content-type: image/gif

GET
H2

200

min_ad_234x60_v2_08032017_de.gif
www.adtracker.ch/upload/miniSchoggi/Banner/ Frame 1FFA
Redirect Chain

https://cct.connects.ch/tb.php?t=117581V1422140455B&subid=96186200161843302757754011652012&gdpr=&gdpr_consent=
https://www.adtracker.ch/upload/miniSchoggi/Banner/min_ad_234x60_v2_08032017_de.gif

20 KB
20 KB

280ms
13ms

Image
image/gif

5.148.168.135
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adtracker.ch/upload/miniSchoggi/Banner/min_ad_234x60_v2_08032017_de.gif
Requested by: Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.148.168.135 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
Software: Apache /
Resource Hash: ab5e6e5d8293917e30f7b8f52831106b71c306caf220ba2c09d8f528a6411eda

Request headers

Referer: https://ad12.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:10 GMT
last-modified: Tue, 27 Mar 2018 13:25:30 GMT
server: Apache
accept-ranges: bytes
etag: "5076-56864d306a680"
content-length: 20598
content-type: image/gif

Redirect headers

location: https://www.adtracker.ch/upload/miniSchoggi/Banner/min_ad_234x60_v2_08032017_de.gif
date: Sun, 11 Jul 2021 21:40:10 GMT
x-content-type-options: nosniff
server: nginx
accept-ranges: bytes
x-xss-protection: 1; mode=block
content-type: image/gif

GET
H2

200

kaspersky_logo_green_120x60_white.jpg
media.kaspersky.com/de/affiliates/ Frame 1FFA
Redirect Chain

https://www.awin1.com/cshow.php?s=2528696&v=13872&q=368718&r=278235&pref1=96186200161843302757754011652012&gdpr=&gdpr_consent=
https://kaspersky.commander1.com/v3/?tcs=1987&cmp=Kaspersky&chn=AffiliateAffilinet&src=nay_an_de-278235&url=https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg
https://kaspersky.commander1.com/v3/?firsttime=1&tcs=1987&cmp=Kaspersky&chn=AffiliateAffilinet&src=nay_an_de-278235&url=https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg
https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg

20 KB
20 KB

154ms
82ms

Image
image/jpeg

185.85.15.31
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg

Requested by

Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.85.15.31 , Russian Federation, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

d75068eff86c3491577fd62a86922f9cca41c89f0d06b6643632dd7a27a63913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ad12.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 28 Jun 2019 10:08:41 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "8de2876992dd51:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr2/MSK6
accept-ranges: bytes
content-length: 20612
date: Sun, 11 Jul 2021 21:40:07 GMT

Redirect headers

Pragma: private
Date: Sun, 11 Jul 2021 21:40:10 GMT
Server: web
location: https://media.kaspersky.com/de/affiliates/kaspersky_logo_green_120x60_white.jpg
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Connection: keep-alive
Content-Type: text/html
Expires: Sat, 09 Oct 21 23:40:10 +0200

GET
H/1.1 200
OK oba_icon.png
cdn.contentspread.net/oliro/oba/ Frame 1FFA 3 KB
3 KB 332ms
19ms Image
image/png 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/oliro/oba/oba_icon.png
Requested by: Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Referer: https://ad12.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 21:40:10 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:49 GMT
Server: nginx
ETag: "57a48d4d-c35"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3125

GET
H2 200 lila.js Show response
tc.connects.ch/ Frame DE3A 16 KB
5 KB 375ms
43ms Script
application/javascript 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://tc.connects.ch/lila.js

Requested by

Host: htlp.emp-online.ch
URL: https://htlp.emp-online.ch/htlp_c.html?wt_mc=pt.connects._117581_._NNNNN_._Post-View%20Partner_._WWWWW_.&lea_source=2021071123401052684812799X117581V1541143261MS96186200161843302757754011652012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

2bbd412bfc6e2aefaee5cf0648ad34e5ae55f21b7baec795169ad9d1a5361883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://htlp.emp-online.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 13:24:42 GMT
server: nginx
etag: W/"5f7c701a-3f97"
content-type: application/javascript
x-xss-protection: 1; mode=block

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 20ms
20ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:10 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H2 200 lila.php Show response
www.lacmp.net/ Frame DE3A 10 KB
3 KB 358ms
41ms XHR
text/html 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lacmp.net/lila.php?id=unk9N5KaFeWSJF0lAiMs&url=https%3A%2F%2Fhtlp.emp-online.ch%2Fhtlp_c.html%3Fwt_mc%3Dpt.connects._117581_._NNNNN_._Post-View%2520Partner_._WWWWW_.%26lea_source%3D2021071123401052684812799X117581V1541143261MS96186200161843302757754011652012&frameit=1&module=HTLP&event=HTLP&checkoutdomain=.emp-online.ch

Requested by

Host: tc.connects.ch
URL: https://tc.connects.ch/lila.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

71e9dbdd760868abf36c930b0c1a0ccbfa8df0a52d86836230f3379c15f72a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://htlp.emp-online.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 11 Jul 2021 21:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 33ms
20ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30aaba11d50ec8aaaeb98debc6680734da0eff8701b8d7c1f88ce1fd9c5029f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Jul 2021 21:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8424
x-xss-protection: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame D786 0
260 B 95ms
32ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 17:39:38 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 21:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 11 Jul 2021 21:40:10 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A475 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sun, 11 Jul 2021 20:56:31 GMT
expires: Mon, 11 Jul 2022 20:56:31 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6278 783 B
532 B 17ms
17ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73c864249ef5e5e5389c26746f7a7c406c5c66dc87c8166743af3fd8e511af1b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LL5TGhokua8tqv+DXSHDXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lookbook.nu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lookbook.nu/

Response headers

expires: Sun, 11 Jul 2021 21:40:10 GMT
date: Sun, 11 Jul 2021 21:40:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-LL5TGhokua8tqv+DXSHDXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 KtQVHgFmyc6avfEYQl6jwuIqHN0jrKlFlNnINk9N7x8.js Show response
pagead2.googlesyndication.com/bg/ Frame A475 35 KB
13 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KtQVHgFmyc6avfEYQl6jwuIqHN0jrKlFlNnINk9N7x8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ad4151e0166c9ce9abdf118425ea3c2e22a1cdd23aca94594d9c8364f4def1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 15:23:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13206
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Jul 2022 15:23:01 GMT

GET
H2 200 1SE1U Show response
www.getback.ch/ Frame DE3A 270 B
441 B 67ms
22ms Script
application/javascript 3.125.59.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getback.ch/1SE1U
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/9459338-Noel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.59.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a8d8d04e8c4673231645ec5bcb3cc6496a2ff8cd2819fe0145a6229ad8d0896b

Request headers

Referer: https://htlp.emp-online.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 11 Jul 2021 21:40:11 GMT
cache-control: max-age=2592000, public
server: nginx
content-type: application/javascript
content-length: 270
expires: Tue, 10 Aug 2021 21:40:11 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021070101&jk=4145019307699380&bg=!RkWlRQHNAAbV4AdB1eA7ACkAdvg8WmABCUwTzdfZTH5Mahzm-7gw2xN3k5vWlnE0LIFdlxYSBq87-gIAAABkUgAAAAtoAQcKAN8FoPiePztrW3jLJs-jyjPPq8w23UfCk-oWg8j5onLj8M7WbsOGalMMhgX4bT8sjwH79wXsY-eZGcs4eg-tC9iVxu31Loj3WBwV-J_S9-5AXACM-PDakk2y69pjnDFkkeiWAu565Xp5-89ADlUqwNuSYWCFSxIira_0cpUbafK2TTa1-ZBRpySDhiYhcS4aI2uBrF8Dqz6kAlpTlM-a-qB9fmUcDGu0y-barEU2H6NnDMsDuEkjrFh2kRbKtpCaY_3xx4f4_sFDekgYOisdUbO1USrhqSqFw1Zkm9_n2urEmQJvrgZF1bE_Eh9Qu6XSWmQa5R0EP7_wOme1uQ5Lb8UzjGMJ19ge51BwJk4s9r8-44OH0OGsy9HFgem0ny_7f2ZipJ9mTXFHXHe28uNc0O4aIBMd2H-x3y9SJvZKDOOy0WARJCUrvyU9s1aqPo1efYI1eC97tz-HvwavZZgz_JIocBY5cUITP643rdKL_xHOQAnEdoZlD1_z6JfnVuBje0jPNF-ci-BrYkkbsOK3tbXVIPz_BCTXLDQ5PG9OFvO4xoCKCQ6PrHf2e-D9rx3UQuVU9qDkIYMkYiXg5KRjVQhEsmMb-6E_AGLwmxhITvCvy1n62pzfQr6MiID_sclxf0BL2J7XzMlNitZsjIzViBRDSvU5tJsWXODbdkGcKUrinezzgBSDftAOZowvQIEupElHhV8FXZsib9Vh4znKcNpyW3aPML4Yx9yvIqRuFuHwn5busiJS15YZUpYpRYVD4Bern_AxCsXvBjF-xQz66I8j4ukSJZ2aICNU7X-QM4PxSfKpRyu2KHwwMJlQMZ31BlRdeQXCFHfsE2Gj9pyjdLNh6m99MEK4C5BqkbPGJKptrqbJUboyoWdO9MIJEGCJ0T7n7Uop7uO7xQRgjY9mPm6pHR02Q6RBmvzDR2nIw1iQIaxnQ8uDl_vxGH1qxqmP0QqQMdAFqyvU4PDkTTjUDFA59rahuh_19GlbnwY-G2ARNDVZS8PWBjbRvNis6M_YbqTSz0ovXMMrlqKyVeC62FFp45bBLfKGCnOIG6VDGMaLiQkhYQ7y6WgjdKKb8XKye2ZncD9kBvAa94WWcHhZ03P1oAhu3G-CO41Ov0byr_LyphI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jul 2021 21:40:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1SE1U.js Show response
static.getback.ch/clients/ Frame DE3A 114 KB
32 KB 50ms
15ms Script
application/javascript 13.224.99.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getback.ch/clients/1SE1U.js
Requested by: Host: www.getback.ch
URL: https://www.getback.ch/1SE1U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-3.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 376655a0c20744fd53a0b953bf6e47aa3e7712098104dc5e93fba8d0c4f31552

Request headers

Referer: https://htlp.emp-online.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 02:32:06 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 11:09:44 GMT
server: AmazonS3
age: 68886
etag: W/"be39231ed570c65a9f31c163aa09da76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: WtpKqTLC-P87TLWQRYpK7FDVkDfah2RUVAJ9NOrkq0yZh0fEpLPERw==

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
20ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:11 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad12.ad-srv.net/ Frame 1FFA 0
150 B 23ms
23ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/viewability?s=96186200161843302757754011652012&a=beb4193c&vb=v
Requested by: Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 21:40:11 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
20ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:11 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
20ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:12 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
21ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:12 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
21ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:13 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
20ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:13 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
21ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:14 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
20ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:14 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
20ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:17 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 35ms
34ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:20 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 22ms
21ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:23 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
21ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:26 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
20ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:29 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad12.ad-srv.net/ Frame 1FFA 0
150 B 68ms
23ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/viewability?s=96186200161843302757754011652012&a=beb4193c&vb=v20
Requested by: Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad12.ad-srv.net/request_content.php?s=96186200161843302757754011652012&a=ed3cdfdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 21:40:30 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
21ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:32 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 25ms
25ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:35 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 52ms
52ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:38 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
20ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:43 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame DC22 0
119 B 22ms
21ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:48 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility
brain.rvty.net/RTB/ Frame DC22 0
119 B 21ms
21ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=1379896&bannerId=188772&e=3&p=YOtlOAAEE20Iu8fyAAKiNZZopyHpo2S3FF7Ogg&penc=&bp=61538&a=60eb6538-0005-0b81-08bb-c96f2e090811&n=1&geo=44&rawURL=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel&rawReferrerURL=&uid=908de8ad-1902-4d6e-9e35-86f714e5bc3e&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QBhACSRAEMc4BGZAGywHM4AOAOgAZkUIcReJQDOOGgFNilRjTgAWAOw8AvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGA0uOGXrYO2mEPKP7_UPtcSKkAjm_qP3XJbJlNdpwI23ARABIABg9QWCARdjYS1wdWItMDc5MDg5NDE0ODQ1MTc4NcgBCakCb9jV1Tbtsz7gAgCoAwGqBMwBT9CULKCYsmxLNJpHzqFuLOUBfFbQ23QVNH0FgbiPEdkaPWrCjrHDIZmFPNrcHZXQV6vVUCNzX_D0Xq0IBW--n2LaO5fwC-ilIyWBAfjRL4Ejkb-RL48xrtWEHPvokBrgHCX7mVzhQ9lYTGUAqO5AikZhTbAawmIuwaKdTGD3TBtKJSqdFqsfQNJdm2MwqWbzX0m1BpB04zeomgA7_dJFJaoV1LUgu1Ja39UWp3WjquDs7GknVuxjU_af_upIwwCBkeVzysdYGlbxgmGO4AQBgAbLnoHipvGE2RCgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIhhEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FkYXhOwZfWnPH9LY41rAscF1PbA%26client%3Dca-pub-0790894148451785%26adurl%3D&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 11 Jul 2021 21:40:53 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=32930239-e300-4e84-8205-3dc868716562&u=https%3A%2F%2Flookbook.nu%2Fuser%2F9459338-Noel

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adform.net/	1970-01-19 21:07:03	Name: uid Value: 5290743797014796755
.ad-srv.net/	1970-01-19 21:50:15	Name: kdb0xdq3ls8m_uid Value: f70125de99b3dbcf
eus.rubiconproject.com/	1970-01-19 21:50:15	Name: pux Value: 2249%3D101038%262307%3D101038%262974%3D101038%263778%3D101038%26brx%3D101038%26goog%3D101038%262249-DV360-Hosted%3D101038%26idl%3D101038%26
.pubmatic.com/	1970-01-19 20:23:51	Name: PugT Value: 1626039608
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_52 Value: 22772-R1B342_E0123999_14B84F33B&KRTB&23092-R1B342_E0123999_14B84F33B
.bidr.io/	1970-01-20 05:09:13	Name: bito Value: AAAVyE7B1soAADYjfXM1pw
.rubiconproject.com/	1970-01-20 04:26:15	Name: khaos Value: KQZQ001P-21-2ZYY
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_594 Value: 17105-RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003&KRTB&17107-RX-1e32e7c9-2ced-437f-9832-5e793cdba9fc-003
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_153 Value: 19420-x7DZ38e1j4XcsYvclbGRjse2itzctoyPweN_N0LR&KRTB&22979-x7DZ38e1j4XcsYvclbGRjse2itzctoyPweN_N0LR
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_377 Value: 6810-30a274be-4682-48cb-b7b2-1a0afee7351e&KRTB&22918-30a274be-4682-48cb-b7b2-1a0afee7351e&KRTB&23031-30a274be-4682-48cb-b7b2-1a0afee7351e
.rubiconproject.com/	1970-01-20 04:26:15	Name: audit Value: 1\|NWukCql2a/byEHhQcADcylU/Xans9JLwJEhq8tuwU+U9+GVz/DSOw3q11JIgcwvZdC+kD8lo73LqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_80 Value: 22987-CAESEHQvQ_kprcnYDpdnwpVKONU&KRTB&16514-CAESEHQvQ_kprcnYDpdnwpVKONU&KRTB&23025-CAESEHQvQ_kprcnYDpdnwpVKONU
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_27 Value: 16735-uid:aef960eb-6538-4500-9c28-d4008cde801c&KRTB&16736-uid:aef960eb-6538-4500-9c28-d4008cde801c&KRTB&23019-uid:aef960eb-6538-4500-9c28-d4008cde801c&KRTB&23114-uid:aef960eb-6538-4500-9c28-d4008cde801c
.pubmatic.com/	1970-01-19 21:50:15	Name: DPSync3 Value: 1627171200%3A201_197%7C1626566400%3A164%7C1626048000%3A174
.pubmatic.com/	1970-01-19 21:50:15	Name: SyncRTB3 Value: 1627171200%3A220_21_13_166_3_99_22_55_8_54_7_178_71_104_48%7C1626825600%3A63%7C1626566400%3A2_223_15%7C1627257600%3A35
.pubmatic.com/	1970-01-19 21:50:15	Name: chkChromeAb67Sec Value: 1
.adform.net/	1970-01-19 20:25:18	Name: C Value: 1
.pubmatic.com/	1970-01-19 21:50:15	Name: KADUSERCOOKIE Value: 251F9F75-7846-4790-9F93-A251411270C8
.openx.net/	1970-01-20 04:26:15	Name: i Value: 19fc67f9-22dd-0b72-1020-15993b28e6a8\|1626039608
brain.rvty.net/	1970-01-20 04:26:22	Name: RTBUserId Value: 908de8ad-1902-4d6e-9e35-86f714e5bc3e
.amazon-adsystem.com/	1970-01-21 17:28:10	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 02:00:49	Name: ad-id Value: A0ZMGdsQH0MslCSyM2DjJsw
.lookbook.nu/	1970-01-20 05:02:15	Name: __gads Value: ID=62debac2cf15ae03-2207973f7ac8000f:T=1626039608:S=ALNI_MaL-8UlCJypS6gaybdj64AhFG1FCg
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_57 Value: 22776-3741028058712879815
.lookbook.nu/	1970-01-19 19:42:06	Name: _gid Value: GA1.2.1562436812.1626039608
.lookbook.nu/	1970-01-19 19:50:44	Name: _lookbook_session Value: BAh7C0kiD3Nlc3Npb25faWQGOgZFVEkiJTYwMGZlM2VkZTFiMjkwOGIyMjE5NGUwYmUwNjAyMGEyBjsAVEkiEG1vYmlsZV92aWV3BjsARkZJIgpnZW9pcAY7AEZ7DjoRY291bnRyeV9jb2RlIgdkZToSY291bnRyeV9jb2RlMyIIREVVOhFjb3VudHJ5X25hbWUiDEdlcm1hbnk6C3JlZ2lvbiIHMDU6EHJlZ2lvbl9uYW1lIgtIZXNzZW46CWNpdHkiDkZyYW5rZnVydDoQcG9zdGFsX2NvZGUiCjYwMzEzOg1sYXRpdHVkZWYTNTAuMTE2Njk5MjE4NzU6DmxvbmdpdHVkZWYWOC42ODMzMDAwMTgzMTA1NDdJIgtsb2NhbGUGOwBGSSIHZW4GOwBGSSIOcGFnZXZpZXdzBjsARmkGSSIQX2NzcmZfdG9rZW4GOwBGSSIxUkFaWG52RHozc3V5aVRINHZSQUk0ZGVTKzBWUklWbGJLWnpIUUJEcEhxMD0GOwBG--b772b3f99a9c2f6934e3ab3d641ffaee6eefaef6
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_218 Value: 22978-YOtlOQACwKFm3wA4&KRTB&23194-YOtlOQACwKFm3wA4&KRTB&23209-YOtlOQACwKFm3wA4&KRTB&23244-YOtlOQACwKFm3wA4
lookbook.nu/user	1969-12-31 23:59:59	Name: bookmark Value: null
lookbook.nu/user	1970-01-19 20:23:51	Name: 30-day Value: 1-1628631608017
.lookbook.nu/	1970-01-20 05:05:08	Name: __qca Value: P0-1374239706-1626039608087
.emp-online.ch/	1970-01-19 19:50:51	Name: lea_source_pv Value: 2021071123401052684812799X117581V1541143261MS96186200161843302757754011652012
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_22 Value: 14911-3385153130245524089
.lookbook.nu/	1970-01-19 19:40:39	Name: _gat Value: 1
.pubmatic.com/	1970-01-19 20:23:51	Name: SPugT Value: 1626025178
lookbook.nu/	1969-12-31 23:59:59	Name: last_op_at Value: 1626039607
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_279 Value: 22890-908d28e3-e290-11eb-9ad4-f9d7ba686671&KRTB&23011-908d28e3-e290-11eb-9ad4-f9d7ba686671
lookbook.nu/user	1969-12-31 23:59:59	Name: last_session_at Value: 1626039608016
lookbook.nu/user	1970-01-19 19:50:44	Name: 7-day Value: 1-1626644408016
lookbook.nu/user	1970-01-19 19:42:06	Name: 1-day Value: 1-1626126008016
.emp-online.ch/	1970-01-19 19:42:06	Name: HtLpTx Value: Connects
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_466 Value: 16530-91608fde-f96d-44ab-ac1c-295d1d85b97a
.pubmatic.com/	1970-01-19 21:50:15	Name: PUBMDCID Value: 3
.bidr.io/	1970-01-20 05:09:13	Name: bitoIsSecure Value: ok
.openx.net/	1970-01-19 20:02:15	Name: pd Value: v2\|1626039608\|gen0vNiygu
.pubmatic.com/	1970-01-19 20:23:51	Name: KRTBCOOKIE_188 Value: 3189-988bc071-ed13-4ea0-af52-962784235851-60eb6539-4348
.lookbook.nu/	1970-01-20 13:11:51	Name: _ga Value: GA1.2.1885889162.1626039608

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://lbstatic.nu/assets/application-a51a596c576aa3cdb24732f481827415.js(Line 14) Message: LB.Views.Analytics init
console-api	log	URL: https://lbstatic.nu/assets/application-a51a596c576aa3cdb24732f481827415.js(Line 15) Message: Dark header init
console-api	log	URL: https://lbstatic.nu/assets/application-a51a596c576aa3cdb24732f481827415.js(Line 15) Message: LB.Views.Main init
console-api	log	URL: https://lbstatic.nu/assets/application-a51a596c576aa3cdb24732f481827415.js(Line 18) Message: LB.Views.Retention init
console-api	log	URL: https://static.getback.ch/clients/1SE1U.js(Line 1) Message: no storage support

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c962f6b32b49734bb722f04704c7301.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.ad-srv.net
ad.turn.com
ad12.ad-srv.net
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
amazon-tam-match.dotomi.com
brain.rvty.net
c.amazon-adsystem.com
c1.adform.net
cct.connects.ch
cdn.contentspread.net
cdn.rvty.net
cm.g.doubleclick.net
connect.facebook.net
dis.criteo.com
edge.quantserve.com
eu-u.openx.net
eus.rubiconproject.com
htlp.emp-online.ch
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
kaspersky.commander1.com
lbstatic.nu
lookbook.nu
match.adsrvr.org
match.prod.bidr.io
media.acfrg.com
media.kaspersky.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pmp.mxptint.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb.adentifi.com
rules.quantcount.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
static.getback.ch
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tc.connects.ch
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
ws.rqtrk.eu
www.adtracker.ch
www.awin1.com
www.facebook.com
www.getback.ch
www.google-analytics.com
www.google.com
www.googletagservices.com
www.lacmp.net
x.bidswitch.net
c.amazon-adsystem.com
104.109.78.125
104.111.239.217
13.224.103.105
13.224.99.14
13.224.99.3
13.248.242.197
13.37.72.132
138.201.63.164
142.250.185.98
151.101.14.49
169.50.137.190
178.250.0.163
18.156.0.31
185.29.132.69
185.33.220.244
185.64.189.110
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.81
185.85.15.31
2.18.233.180
2001:678:cb4:bbbb::11
204.2.255.233
213.19.147.44
213.19.147.45
216.58.212.130
2600:9000:2156:1c00:13:99a2:1280:93a1
2600:9000:2156:fa00:c:6264:8240:93a1
2600:9000:2190:f600:6:44e3:f8c0:93a1
2606:4700:20::681a:12
2606:4700:3034::6815:48a4
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::2002
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9c
2a02:fa8:8806:16::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.125.59.88
35.156.19.236
35.244.159.8
35.244.174.68
37.157.2.236
5.148.168.135
51.75.146.159
51.75.147.170
52.21.104.248
52.30.92.119
52.95.124.165
54.236.227.29
66.155.71.150
69.173.144.138
69.173.144.139
84.200.5.215
89.163.211.233
89.163.211.242
94.130.102.164
00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054
03ba4b50317d21edccc468f1412ae13890a6fcc895aa29627227c2f2c29a4db4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0bca5dd458211bdc84100848e395d084151bd6554beb61476b8d66112a05d3fb
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cca1f2badb6a1b90d4601587403e9752e10e78fd2e4a12df71c659607a42903
0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873
1852ec5957212ab1ddc679453216178799dd25a2c75985a885e7d467328795e1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b0df5acd41c11fc146d64795aa729d99370a98109ce1e441db4ac0b7f69d025
1ea21cbab901996205857c8fe0ab2e6f54d0c28bd497cadc6836df3f7b196e3c
202f5a44ef1b1fac13c36c93eee29c52cd61f6e4f3f3ccbc35ce23683cc605bd
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
230ab07bf6fa231fda55859f912cb72d2c652928fec18367401069a5c977e7d3
2638fd10032e14c3b6193896ec54c8bb14657f49fb71a67fbd1710abc28fe899
299920669c7ec8c0add3c58f21eea89871a531545df0b8d70c46db2f44ff4cc4
2ad4151e0166c9ce9abdf118425ea3c2e22a1cdd23aca94594d9c8364f4def1f
2bbd412bfc6e2aefaee5cf0648ad34e5ae55f21b7baec795169ad9d1a5361883
2c3b18ac8b2e0c6f6a051aa64130338b184036af8827228836b02d1c0da1fb66
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
305030926c53938a6a6df942f51a6f19378407838dc1ec5996580a391af7efe2
30aaba11d50ec8aaaeb98debc6680734da0eff8701b8d7c1f88ce1fd9c5029f5
376655a0c20744fd53a0b953bf6e47aa3e7712098104dc5e93fba8d0c4f31552
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bd8a607989bdf4c7a110d26d2922aeb510f97688ff4226e6cc0a6a87515a58
49027a43e5d8327a503757b65fe0fcc586029d6d84c3390eddf68b3fc443cbfb
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b01f1d4f25f792a5aeaf377e16c55ac53a94ea3e5696d98ee6de29e74934d07
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fdc97e2ac571b50ecdd5ae9e0cb93540430c0326ccf2343a8546e98ea267d73
52c63a6caba14c7b8f9c4925792bdf4d3d70ca5929497deac82135e9a2173ebf
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
62a3db024852723b27a9a2dba164c4caf1576b9bd58a82ee287b44afaa51b330
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71e9dbdd760868abf36c930b0c1a0ccbfa8df0a52d86836230f3379c15f72a3e
73c864249ef5e5e5389c26746f7a7c406c5c66dc87c8166743af3fd8e511af1b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7cfab6a75576c6827a6d5dd7f823e993678ee3161fed858ca4bb51ae8ce96677
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87f57bd2603890923332799b25a61df01939eb2317af8a300156b51fb0827243
8b984d4972311b45d5301e5b8b426968e40105532c328b7c08faef65523a99ce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7600604cb30e42b1511c91d29c886de204d3f46d8c265b9c35b0960ccf8195
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99f73ec26d9716363ea8ea73560d10f91d63cf18e32103bcead35559ba1ac361
9d374f5440583796de4ca7a94968168b5177be11aa103b3382f637a7c7deb4af
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8d8d04e8c4673231645ec5bcb3cc6496a2ff8cd2819fe0145a6229ad8d0896b
a9aab9a81ed9cdb217eefe585e153cc2f64ea8792d5adf9060538a9b0b44ce4f
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ab5e6e5d8293917e30f7b8f52831106b71c306caf220ba2c09d8f528a6411eda
ac2611aa7c5619772321940af938294a3302f9ac2db71561a984be33c009d01b
b2a85c91c46dcb480f5253cbf0cfc61a63eb1a296b065deb2f7e8e52f8e99694
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c53cb61e2947d208c306c8680d407115d7663d1920ef125ecdb1ffa417f22fcc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d2d124ddb0bb761c045744286a65eba3d53bdaa0e0ce9d4c1b7a33e4736b6f31
d75068eff86c3491577fd62a86922f9cca41c89f0d06b6643632dd7a27a63913
d9ccee9255f473e47a7eff4e4dab7449a4b8ca3c88631e91bc3b28af7bec12a4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ed21592b9ac4f31c456cd8a88084e19bdd7e713b8408d3689e5532398c2f82c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fca1fb4990a3abf9e6bba05433ed88ac85bfc8471a273c9c306a7685ace89d26
fd66670e33f248ddc8f8accfb0173af1e10af2389bd59f04ff148ed3e7ff3025
ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3

lookbook.nu Open in urlscan Pro 2606:4700:3034::6815:48a4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

151 Requests

99 %HTTPS

34 %IPv6

50 Domains

75 Subdomains

56 IPs

10 Countries

1387 kBTransfer

3362 kBSize

46 Cookies

1 Outgoing links

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lookbook.nu Open in urlscan Pro
2606:4700:3034::6815:48a4 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

99 %
HTTPS

34 %
IPv6

50
Domains

75
Subdomains

56
IPs

10
Countries

1387 kB
Transfer

3362 kB
Size

46
Cookies

151 HTTP transactions
1 data transactions