imginn.com Open in urlscan Pro
2606:4700:20::ac43:4675 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://imginn.com/redpilltotal/
Submission: On November 14 via manual (November 14th 2022, 11:48:04 pm UTC) from BR — Scanned from DE

Summary HTTP 193 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 60 IPs in 10 countries across 69 domains to perform 193 HTTP transactions. The main IP is 2606:4700:20::ac43:4675, located in United States and belongs to CLOUDFLARENET, US. The main domain is imginn.com. The Cisco Umbrella rank of the primary domain is 378899.
TLS certificate: Issued by E1 on October 6th 2022. Valid for: 3 months.

This is the only time imginn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:20:... 2606:4700:20::ac43:4675	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
25	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	168.95.245.2 168.95.245.2	131660 (CHTCDN Da...) (CHTCDN Data Communication Business Group)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	154.51.131.137 154.51.131.137	174 (COGENT-174) (COGENT-174)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1 2	185.172.90.252 185.172.90.252	49981 (WORLDSTREAM) (WORLDSTREAM)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
7	88.221.169.78 88.221.169.78	16625 (AKAMAI-AS) (AKAMAI-AS)
3	95.101.201.170 95.101.201.170	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
1 1	139.162.78.222 139.162.78.222	63949 (LINODE-AP...) (LINODE-AP Linode)
3 8	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	54.178.139.24 54.178.139.24	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	3.127.178.250 3.127.178.250	16509 (AMAZON-02) (AMAZON-02)
20	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:231... 2600:9000:2315:7a00:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
3 3	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.214.5.219 52.214.5.219	16509 (AMAZON-02) (AMAZON-02)
1	52.197.61.177 52.197.61.177	16509 (AMAZON-02) (AMAZON-02)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.253.97.99 34.253.97.99	16509 (AMAZON-02) (AMAZON-02)
1	18.184.112.206 18.184.112.206	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.119.91 3.126.119.91	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.19.19.12 52.19.19.12	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.17.7.52 52.17.7.52	16509 (AMAZON-02) (AMAZON-02)
2 3	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	18.158.8.202 18.158.8.202	16509 (AMAZON-02) (AMAZON-02)
2 2	34.253.143.131 34.253.143.131	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:0:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.137.121 185.86.137.121	201081 (SMARTADSE...) (SMARTADSERVER)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	132.226.63.138 132.226.63.138	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1 1	23.203.81.208 23.203.81.208	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:1f18:e8a... 2600:1f18:e8a:cd02:882c:d916:bae1:7722	14618 (AMAZON-AES) (AMAZON-AES)
2	18.169.123.253 18.169.123.253	16509 (AMAZON-02) (AMAZON-02)
1	94.130.160.79 94.130.160.79	24940 (HETZNER-AS) (HETZNER-AS)
1	108.157.4.61 108.157.4.61	16509 (AMAZON-02) (AMAZON-02)
2	108.157.4.74 108.157.4.74	16509 (AMAZON-02) (AMAZON-02)
4	3.11.224.13 3.11.224.13	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::1c 2a02:2638::1c	() ()
1	95.101.200.23 95.101.200.23	() ()
193	60

9 2606:4700:20::ac43:4675 (United States)

ASN13335 (CLOUDFLARENET, US)

imginn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d9.imginn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d1.imginn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.95.245.2 (Palo Alto, United States)

ASN131660 (CHTCDN Data Communication Business Group, TW)
PTR: 168-95-245-2.hinet-ip.hinet.net

imageproxy.pimg.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 154.51.131.137 (London, United Kingdom)

ASN174 (COGENT-174, US)

tags.h12-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bidder.h12-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

f.h12-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.252 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 88.221.169.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-78.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.201.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-201-170.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.78.222 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.178.139.24 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-139-24.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.127.178.250 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-250.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:7a00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.212 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.5.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-5-219.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.197.61.177 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-61-177.ap-northeast-1.compute.amazonaws.com

sync-jp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.97.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-97-99.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.112.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-112-206.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.119.91 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-119-91.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.19.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-19-12.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.7.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.8.202 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.143.131 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-143-131.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:0:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.121 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.226.63.138 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.81.208 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-81-208.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.169.123.253 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-123-253.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.160.79 (Karlsruhe, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.79.160.130.94.clients.your-server.de

tm.simptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-61.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-74.dus51.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.11.224.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (None, )

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.200.23 (None, )

ASN- ()

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1054 widget-pixels.outbrain.com — Cisco Umbrella Rank: 2688 odb.outbrain.com — Cisco Umbrella Rank: 1419 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5407 sync.outbrain.com — Cisco Umbrella Rank: 774	99 KB
25	demand.supply live.demand.supply — Cisco Umbrella Rank: 35841 api.demand.supply — Cisco Umbrella Rank: 53384	35 KB
21	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 ad.doubleclick.net — Cisco Umbrella Rank: 173	208 KB
20	googlesyndication.com 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	130 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28280 ad4m.at — Cisco Umbrella Rank: 9541 assets.ad4m.at — Cisco Umbrella Rank: 36321	653 KB
9	imginn.com imginn.com — Cisco Umbrella Rank: 378899 d9.imginn.com d1.imginn.com — Cisco Umbrella Rank: 689513	87 KB
6	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 8592 log.outbrainimg.com — Cisco Umbrella Rank: 2295 images.outbrainimg.com — Cisco Umbrella Rank: 2136	101 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	h12-media.com tags.h12-media.com — Cisco Umbrella Rank: 90246 f.h12-media.com — Cisco Umbrella Rank: 103241 bidder.h12-media.com — Cisco Umbrella Rank: 123337	374 KB
5	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 17892 api.webgains.io — Cisco Umbrella Rank: 57986	31 KB
5	pubmatic.com 5 redirects image8.pubmatic.com — Cisco Umbrella Rank: 561 image2.pubmatic.com — Cisco Umbrella Rank: 882 image4.pubmatic.com — Cisco Umbrella Rank: 822	2 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	109 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1084 id5-sync.com — Cisco Umbrella Rank: 479	19 KB
3	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1225	3 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	3 KB
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 9058 flint.defybrick.com — Cisco Umbrella Rank: 8712	20 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8709	1 KB
3	pimg.tw imageproxy.pimg.tw — Cisco Umbrella Rank: 190392	27 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 57421	71 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 45190	4 KB
2	360yield.com 2 redirects ice.360yield.com — Cisco Umbrella Rank: 1886	827 B
2	emxdgt.com 2 redirects cs.emxdgt.com — Cisco Umbrella Rank: 942	846 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 280	589 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418	2 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 612	787 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 631 gum.criteo.com mug.criteo.com Failed	363 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 582	951 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 865	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 341	919 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 197	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 531	1 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321 id.rlcdn.com — Cisco Umbrella Rank: 540	140 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1226	460 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4495	651 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 99097 static-de.ad4mat.net — Cisco Umbrella Rank: 135123	4 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1201 cs.media.net	1 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7264	2 KB
2	gstatic.com fonts.gstatic.com	48 KB
1	simptrack.com tm.simptrack.com — Cisco Umbrella Rank: 89682	875 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 85917	517 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15574	686 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1440	332 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 510	528 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 615	496 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 559	191 B
1	technoratimedia.com sync.technoratimedia.com — Cisco Umbrella Rank: 1152	298 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 241	595 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 807	415 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 661	242 B
1	openx.net u.openx.net — Cisco Umbrella Rank: 656	304 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 714	265 B
1	rubiconproject.com pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 823	239 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 926	344 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442	473 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 967	428 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 434	502 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 530	338 B
1	im-apps.net sync-jp.im-apps.net — Cisco Umbrella Rank: 3555	194 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1763	710 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2999	1 KB
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 3567	44 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 13802	558 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185 Failed	48 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 881	166 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2536	343 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	77 KB
0	geistm.com Failed id.geistm.com Failed
193	69

	Domain	Requested by
22	live.demand.supply	imginn.com live.demand.supply client
16	sync.outbrain.com	widgets.outbrain.com
11	tpc.googlesyndication.com	imginn.com cdn.ampproject.org 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net imginn.com
8	cm.g.doubleclick.net	3 redirects imginn.com 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
7	pagead2.googlesyndication.com	9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com imginn.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	widgets.outbrain.com	f.h12-media.com widgets.outbrain.com imginn.com
5	x.bidswitch.net	5 redirects
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	imginn.com	imginn.com
4	api.webgains.io	analytics.webgains.io
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com as.ad4m.at ad4m.at
3	image8.pubmatic.com	3 redirects
3	loadus.exelator.com	2 redirects widgets.outbrain.com
3	ib.adnxs.com	3 redirects
3	log.outbrainimg.com	widgets.outbrain.com
3	id5-sync.com	cdn.id5-sync.com 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com widgets.outbrain.com
3	www.google.com	imginn.com 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com tpc.googlesyndication.com
3	api.demand.supply	live.demand.supply
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	tags.h12-media.com	imginn.com f.h12-media.com
3	imageproxy.pimg.tw	imginn.com
2	cdn.track.production.webgains.team	as.ad4m.at
2	track.webgains.com	as.ad4m.at
2	flint.defybrick.com	rock.defybrick.com imginn.com
2	ad.doubleclick.net	2 redirects
2	ice.360yield.com	2 redirects
2	cs.emxdgt.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	creativecdn.com	2 redirects
2	c1.adform.net	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	match.adsrvr.org	2 redirects
2	dpm.demdex.net	1 redirects widgets.outbrain.com
2	b1sync.zemanta.com	2 redirects
2	images.outbrainimg.com	imginn.com
2	sync.teads.tv	1 redirects 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
2	d5p.de17a.com	2 redirects
2	pbjs.e-planning.net	1 redirects imginn.com
2	9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	f.h12-media.com	tags.h12-media.com
2	d1.imginn.com	imginn.com
2	d9.imginn.com	imginn.com
2	fonts.gstatic.com	imginn.com fonts.googleapis.com
1	cs.media.net
1	gum.criteo.com
1	analytics.webgains.io	track.webgains.com
1	tm.simptrack.com	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	trace.mediago.io	1 redirects
1	bh.contextweb.com	1 redirects
1	cms.quantserve.com	1 redirects
1	pixel-sync.sitescout.com	widgets.outbrain.com
1	id.rlcdn.com	widgets.outbrain.com
1	sync.technoratimedia.com	widgets.outbrain.com
1	c.bing.com	widgets.outbrain.com
1	ssbsync.smartadserver.com	1 redirects
1	s.ad.smaato.net	widgets.outbrain.com
1	u.openx.net	widgets.outbrain.com
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	sync.crwdcntrl.net	widgets.outbrain.com
1	pixel-us-east.rubiconproject.com	widgets.outbrain.com
1	ps.eyeota.net	widgets.outbrain.com
1	dsp.adfarm1.adition.com	1 redirects
1	jadserve.postrelease.com	widgets.outbrain.com
1	dis.criteo.com	widgets.outbrain.com
1	aa.agkn.com	widgets.outbrain.com
1	beacon.krxd.net	widgets.outbrain.com
1	sync-jp.im-apps.net	widgets.outbrain.com
1	idsync.rlcdn.com	widgets.outbrain.com
1	rock.defybrick.com	widgets.outbrain.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	static-de.ad4mat.net	as.ad4m.at
1	sync.inmobi.com	1 redirects
1	a.rfihub.com	1 redirects
1	cc.adingo.jp	9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
1	a.c.appier.net	1 redirects
1	odb.outbrain.com	widgets.outbrain.com
1	prod-rtb.ad4mat.net	imginn.com
1	widget-pixels.outbrain.com	imginn.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.googletagservices.com	securepubads.g.doubleclick.net 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	prebid.media.net	f.h12-media.com
1	prebid.a-mo.net	f.h12-media.com
1	bidder.h12-media.com	f.h12-media.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	imginn.com
0	mug.criteo.com Failed
0	id.geistm.com Failed	widgets.outbrain.com
193	97

This site contains links to these domains. Also see Links.

Domain
scontent.cdninstagram.com
sulvo.com

Subject Issuer	Validity	Valid
worker.imginn.com E1	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.pimg.tw Gandi Standard SSL CA 2	`2022-01-12` - `2023-01-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.h12-media.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-10` - `2023-09-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-26` - `2023-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
rock.defybrick.com Amazon	`2022-05-09` - `2023-06-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.im-apps.net Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
simptrack.com R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://imginn.com/redpilltotal/
Frame ID: DF4EB4D19B646A947F369EC87DE28D83
Requests: 65 HTTP requests in this frame

Frame: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222001%3Aac8%3A20%3A302%3A%3A202e%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%2264e985fb18d9f717e102af55b048ecc6%22%2C%22adunitid%22%3A%2223818%22%2C%22topurl%22%3A%22https%3A%2F%2Fimginn.com%2Fredpilltotal%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%220ugc6ffhuty%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A1%2C%22hourofday%22%3A23%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C1747%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C1747%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.31617507982758264
Frame ID: 824691481515B8615B65D32245C9E746
Requests: 8 HTTP requests in this frame

Frame: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4CCCEC19178DA0908660471C7BD823F7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQLWG6pNgKz58VE4HDzON8cZUDHwhM5DEqcwv1CvlTJH-gwVenHKpmdeyKeCxWzchki7bfpyRyktPhIiZbSaCzBJrGVZ5TxVRzvovTe2OI1sLsvSPWpNGH6jmFdl87IuxCaNyEHQ-JYITrFPkEYYpzMO-Rgo-8TGIvUujf-PK9OLSEJRBio4i9N0ZAQZWsZrYfMiSztSieBgxqsOhGZVtmCfuv_3PtsrvkgyAGBHB-JiuV-6BiF60bvRqWndENzAzlx5Vy5Ac_Gk6Jsuu2L4J6Q5lUAPQEvG-vLnD1w9WDn5PlE24Bx25bxcQyx6qS4iJhkqBSE7s9Y3vANtFmBPQP6ZM_waORCXGASyuCFlIDDAzg6_ldLsgdc2Fd91joZrEEpQ&sai=AMfl-YSXegphbojAz4_xp2h_-64Ax3ZJiIbWGEljPJFA024XBOgXPQW8LmWUbPWHRbSbCjE5GGZJSTK6jaaziN-XGvH2TJ7_JKZUrcv8o0bo3eBsPO-UQBfQ3kt2-QljR-TSndzYJQ&sig=Cg0ArKJSzL0rmuv1WTmVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BB6061A76B89078ACC2175F1DCED9DBE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 78755FCC9407E355278729A626257F96
Requests: 18 HTTP requests in this frame

Frame: https://widgets.outbrain.com/outbrain.js
Frame ID: 01A8C80B32184FE615FB366D36CECD1B
Requests: 15 HTTP requests in this frame

Frame: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4F8FC815C104BE768FF2E5CD80B3B4A0
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jjad4g9vpv306maqqnf9v0nvqtrcc9m923g1hhr54avphmdex0drnb1b86rry5qjbzryq073dvfp2r8zmv52bykc1rqng5rc76spw97epkcaxawt45t7zfkn4esbwskd7e4kn26he90vqnr4nk8vh5e375mth2fd978f7v3zrmkjx4p6ghvfrbdqekt1ehgzs5wdfan82wwkmnbn4ke1847pt2z7e39kh5bhjpaenjfzmth2x7bejxxbkh207w7f3rkzxz3gwqy6p6hjqqpawrvmg5dn4rrgr3r20n7jfk87tvdhqswqfnd416b70a669jt0x4xb68ssd0qq0rawagje6v6jajrxm48z6tjf1961rpam7gjp5xxev44kc5t51f6y40amq96m1j9afsdjtjpa4ygmwc03966r9g024s4wd66n7et62t0yf2sz9xs2hjkr48q&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: B5CB755C9CE0F0F4E16ABF93613C2E5B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1978F40D9F1EDB5474595450F3275849
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 41AD64D1D25D406506074209D30D5856
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=03fa2eb9-282d-4c5e-8174-ac2db8fa32e5
Frame ID: 1514CDFB6FB14A13B7D6129002EFC62B
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 0158BFC3A6CBCFBEE1528E94C44919A1
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: B49926EEBA6D07B3DA9BF43F8DCB678B
Requests: 36 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Frame ID: 0B557321BA174133C625BE0BFF51BB6E
Requests: 16 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2
Frame ID: 763639896F5572884487AE9856DE12D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4EDC3D745663FCD797AE3F2FD5315680
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 523CB508ECD0F05101D20316D0883204
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

summer! (@redpilltotal) download instagram stories highlights, photos, videos - ImgInn.com

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

193
Requests

83 %
HTTPS

31 %
IPv6

69
Domains

97
Subdomains

60
IPs

10
Countries

2158 kB
Transfer

4692 kB
Size

80
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://scontent.cdninstagram.com/v/t51.2885-15/314397230_1699514110434296_8154717313430435840_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent.cdninstagram.com&_nc_cat=108&_nc_ohc=AYAWd8Dz8gIAX99QvwY&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=Mjk2NTcwNzcxNDQ0NzAwNzY0Ng%3D%3D.2-ccb7-5&oh=00_AfAFIYHJe-lRVl0PkcyUQKAG9ME8Y5BeN9nXVUiBszCv6w&oe=63789BA1&_nc_sid=8fd12b&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent.cdninstagram.com/v/t51.2885-15/292671541_1275872376517416_6750607265829308851_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent.cdninstagram.com&_nc_cat=100&_nc_ohc=vutnLXlO7A0AX9mymOO&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=Mjg3OTQyNDgzNTg3MTk4MTc3OQ%3D%3D.2-ccb7-5&oh=00_AfCssYeKnOZvLMGymd6_S5SH8riRomw6MIIRYWz6A4t2CA&oe=6377A7D2&_nc_sid=8fd12b&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent.cdninstagram.com/v/t51.2885-15/267610993_211469367821429_1437715236956505432_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent.cdninstagram.com&_nc_cat=105&_nc_ohc=U5dfIEmpBVAAX_n5Z0F&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MjcyOTU1NTkxODI4NzMyODAxOA%3D%3D.2-ccb7-5&oh=00_AfA3gSvWQHRk87-8_4ZxGfsiHu9XRf1ltHh3BuPO0MwH7w&oe=63781CB9&_nc_sid=8fd12b&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent.cdninstagram.com/v/t51.2885-15/267408966_1251892418640678_7850863363478673937_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent.cdninstagram.com&_nc_cat=106&_nc_ohc=R0caOW2d1lUAX-iRTTu&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MjcyOTUzNTQ5ODc0NjIwNzE2Nw%3D%3D.2-ccb7-5&oh=00_AfC9eOUJIZg3ATC9tZMxnwZsBqNheOd9SFkCw30UYTIgjQ&oe=6377CB7F&_nc_sid=8fd12b&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent.cdninstagram.com/v/t51.2885-15/261184142_316387133642943_9856915771315303_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent.cdninstagram.com&_nc_cat=103&_nc_ohc=3Oo1Z0UYvhQAX_MbFg1&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MjcxNzAyMjY2OTYxNTA1NzMwMQ%3D%3D.2-ccb7-5&oh=00_AfCJLzOjpzZpZheTd5EYJDLZnExyuHeg5pM0czfIPngy_w&oe=6378C1DA&_nc_sid=8fd12b&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent.cdninstagram.com/v/t51.2885-15/133744088_756073995277584_3251973558897131583_n.jpg?stp=dst-jpg_e35&_nc_ht=scontent.cdninstagram.com&_nc_cat=100&_nc_ohc=6wozQad-nl0AX8iOLXW&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MjQ3NTc5OTQ2MDQ3Mjg0OTM5OQ%3D%3D.2-ccb7-5&oh=00_AfBnN74WV-q4xknCXcjpsq9NaAc95K09n2vevuQP_vRimQ&oe=63770303&_nc_sid=8fd12b&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://imginn.com/redpilltotal/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://pbjs.e-planning.net/pbjs/1/2d2a6/1/imginn.com/ROS?rnd=0.2615181460589955&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&pbv=7.16.0&ncb=1&vs=FFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&gdpr=1&gdprcs=CPifETHPifETHBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&e_pubcid=3cc9c70c-88ae-4414-a0f0-66b1782cfe85 HTTP 302
https://pbjs.e-planning.net/hb/1/2d2a6/1/imginn.com/ROS?ct=1&r=pbjs&rnd=0.2615181460589955&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&pbv=7.16.0&ncb=1&vs=FFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&gdpr=1&gdprcs=CPifETHPifETHBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&e_pubcid=3cc9c70c-88ae-4414-a0f0-66b1782cfe85

Request Chain 103

https://a.c.appier.net/gcm?google_gid=CAESEIoYDr8JDxs7noO6Ja0cqkg&google_cver=1&google_push=ASkJ3FZGWoyQBnZgiNvGKF57K-tX3fjU1TG5pV33zn8kTk9tIrXKH1ikNZM_H4a_OuSCgiL12InAEEvhQxOLVXbd8di4D_Mp1VF1Hw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RG1CUjhwS2NBUG1BRm5td3NOTnlZdw%3D%3D&google_push=ASkJ3FZGWoyQBnZgiNvGKF57K-tX3fjU1TG5pV33zn8kTk9tIrXKH1ikNZM_H4a_OuSCgiL12InAEEvhQxOLVXbd8di4D_Mp1VF1Hw

Request Chain 104

https://d5p.de17a.com/cookies/google?google_gid=CAESEFjIrJl9-L5VvE3KaNGCXj8&google_cver=1&google_push=ASkJ3FZ5FTpACFG7CnlALYnAgjjqw2Si8lZTXAep_RzHP9fACEgSvZXO1o_qJxoviSwt-0ENYgk8EXq2ro6_jmrt3eAoiMOP5_y0qg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFjIrJl9-L5VvE3KaNGCXj8&google_cver=1&google_push=ASkJ3FZ5FTpACFG7CnlALYnAgjjqw2Si8lZTXAep_RzHP9fACEgSvZXO1o_qJxoviSwt-0ENYgk8EXq2ro6_jmrt3eAoiMOP5_y0qg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZ5FTpACFG7CnlALYnAgjjqw2Si8lZTXAep_RzHP9fACEgSvZXO1o_qJxoviSwt-0ENYgk8EXq2ro6_jmrt3eAoiMOP5_y0qg

Request Chain 106

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEJ04TjN-KX4eVcX2AiUGhrA&google_cver=1&google_push=ASkJ3FYnnGMdq7r2H3uHlEuhoh_IwXLdUry78ZLp-wSJfwBR4Or2euz9i1Hfb9TFzlR_XRPHwAETAx-f79YniymWNSwmvdlvJ6AjCOg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3FYnnGMdq7r2H3uHlEuhoh_IwXLdUry78ZLp-wSJfwBR4Or2euz9i1Hfb9TFzlR_XRPHwAETAx-f79YniymWNSwmvdlvJ6AjCOg&google_hm=NjQ0NjE5OTY5MzYyMTI2Nzk1Nw==

Request Chain 107

https://sync.inmobi.com/gob?google_gid=CAESEE3rvPwH6QhnMKnCG3KUedQ&google_cver=1&google_push=ASkJ3FY4nOi2HyvET-hMOckCyg0VAnRkmoRNqo1P9VPbr0lOurdBmZMaLrDo2fXGet6rwWqFntC-p8Dcg3Y-OiO4VHt3AxBt2QKj28U HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FY4nOi2HyvET-hMOckCyg0VAnRkmoRNqo1P9VPbr0lOurdBmZMaLrDo2fXGet6rwWqFntC-p8Dcg3Y-OiO4VHt3AxBt2QKj28U

Request Chain 108

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAADkPo55x4wlEeYOK9SWjk&google_cver=1&google_push=ASkJ3FbluFjo1ZR6tlXoQLhsZHZFjfq3acgGyx8YEAQm_USsTcTrGlTcf6__l1ZmYVjvWALcpDssCMISuzDqJD8DI_dS4ogd8NAYEtI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FbluFjo1ZR6tlXoQLhsZHZFjfq3acgGyx8YEAQm_USsTcTrGlTcf6__l1ZmYVjvWALcpDssCMISuzDqJD8DI_dS4ogd8NAYEtI HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 109

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKL0TB7yNOPVb6fZd545GFQ&google_cver=1&google_push=ASkJ3FZ7dNyuAsQtVi-KP884l8Fi0q_LOsUJRuL2w5PysH-d8cfyf6R43xXilCNCd5-gh8Tm6DvTNihSDmEGvQAe5J8JDsIaVkMN68I HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKL0TB7yNOPVb6fZd545GFQ&google_cver=1&google_push=ASkJ3FZ7dNyuAsQtVi-KP884l8Fi0q_LOsUJRuL2w5PysH-d8cfyf6R43xXilCNCd5-gh8Tm6DvTNihSDmEGvQAe5J8JDsIaVkMN68I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0d1087f2-d7e2-478e-a467-5e48b2922e60&%%GOOGLE_PUSH_PAIR%%

Request Chain 131

https://b1sync.zemanta.com/usersync/outbrain/?puid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&s=2&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=tG4lycyModpv07Ge-imc&gdpr=0&us_privacy=1---

Request Chain 132

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dappnexus%26uid%3D%24UID%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3112462152479183588&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 133

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_pd=1&gdpr_consent=

Request Chain 135

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=ttd&uid=46455199-3a10-49f5-aada-139e8aa7c5e8&gdpr=1&gdpr_consent=

Request Chain 138

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI HTTP 302
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=df94a1e6-26f9-4960-bf4c-3bca27c094b3

Request Chain 139

https://x.bidswitch.net/sync?ssp=outbrain&user_id=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=outbrain HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=outbrain HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=5245590699115982519&ssp=outbrain HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=0d1087f2-d7e2-478e-a467-5e48b2922e60&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEFkdaXz92ELqVFUkIK5A28&google_cver=1 HTTP 302
https://jadserve.postrelease.com/suid/1011?vk=0d1087f2-d7e2-478e-a467-5e48b2922e60

Request Chain 142

https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7166022709969287320&gdpr=0&gdpr_consent=

Request Chain 145

https://creativecdn.com/cm-notify?pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://creativecdn.com/cm-notify?pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---&tc=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=eeQOtOJNRNwbK0Gt0DY0&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---&tc=1

Request Chain 148

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI HTTP 302
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&xl8blockcheck=1 HTTP 302
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI{%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}

Request Chain 149

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---&s=193091&C=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y3LTsC10kySiGE36_nkWXAAAFAwAAAIB&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 150

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDA4N0ZGMDgtMjNDRS00OUY5LUI0RTItODQyNUU2RTYyMjkw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D4087FF08-23CE-49F9-B4E2-8425E6E62290 HTTP 302
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---&uid=4087FF08-23CE-49F9-B4E2-8425E6E62290

Request Chain 152

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true&verify=true HTTP 302
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-n.89FLlE2uGIKaA3Rx6sWij0o6Ml0vDOshWaZhI-~A&gdpr=0&gdpr_consent=

Request Chain 153

https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1RTGpFTXJtOWJNaGpCcmtwWWxZQjNwSUNTZXVweWY2MUZwRHp0MUUzRTg5UFBUSEtIaEpTQWlvWmpfazY4bG5JJmdkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MS0tLQ== HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=3112462152479183588&redirect=https://sync.outbrain.com/cookie-sync?p=emx&uid=$EMXUID&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1RTGpFTXJtOWJNaGpCcmtwWWxZQjNwSUNTZXVweWY2MUZwRHp0MUUzRTg5UFBUSEtIaEpTQWlvWmpfazY4bG5JJmdkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MS0tLQ== HTTP 302
https://sync.outbrain.com/cookie-sync?p=emx&uid=3112462152479183588brt51581668469680728835f1&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 154

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=7ab9fe71-8f81-48ca-9d40-32638caeefee&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 156

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=smart&uid=3777080887159330028&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 161

https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=quantcast&&uid=M5t4x2GbLcUozHmQPctik2HLdscon3rAY8ypm-kj

Request Chain 162

https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%7BuserId%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---&ev=1&us_privacy=${us_privacy}&pid=562709

Request Chain 163

https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 168

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CI-E4fTtrvsCFRTcdwodiJMBsw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668469680_c5a6b9b1-6476-11ed-adce-2234a4c513ba

Request Chain 196

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fimginn.com%2F&domain=imginn.com&gdprString=CPifETHPifETHBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=BMWwaXxyNlI2RythcEk1R0lUQ015ZGEyV1VUOUV5UmwvdEZ1cnFlRGtyQXpyUmNWMURrbU4wa0VNQ0Rlb2FBbG1aZWNtejZicHQxa1NWVGNQNnA4SU1ab2pzVG45cjlZcU5YS3hFMGhnQ3ZqQ1M3aFlUdHlTZWVjdktNMlB1YmFndlorcXpDLzk0Q0d2WXZyNjBXdDFITXpwQmtuZzhIcWdlVUVPa3ZSb1h4dS9kRENmYXAvUktpL0pvalhYYlNyQTN5RzZGUFRkRS82T3FjbzhaUGUxa3JUT2dnUFBLN3hUdWVoSERlUHZ3Ym5ROFhJPXw&cppv=2

193 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
imginn.com/redpilltotal/ 14 KB
4 KB 1052ms
1004ms Document
text/html 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56e977eaf7c98d61835e202428b94a8ca4f10154387eaf269bc904df9de9af58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 76a3a29209a09238-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 23:47:56 GMT
last-modified: Mon, 14 Nov 2022 23:47:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEgj2pxhMXw1VO52Qzf7RF6356%2Ff1i5aYJQb5fsl9jQ9XgzhbJJDnLUqLPCQhrL7uD9lEO7X88Z%2BVrokj3iVipnSelCScyUOH%2BvlYNQeqdYhuhXVICUB83qTq0G0fa5qJlAsGio96pg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
77 KB 74ms
34ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8QBYR6XXV4

Requested by

Host: imginn.com
URL: https://imginn.com/redpilltotal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a1ef48939ea1a4bfab6d25507bde4058f9951b32e3fad915a6266b4ade67967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78756
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 23:47:56 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
2 KB 151ms
107ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8d1972826d6114a57e61adcc655f163f80483121da01b62b68882f0758db642

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GHNTKNQSFCP20P2HT3X99JSF
date: Mon, 14 Nov 2022 23:47:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 58
cf-polished: origSize=3910
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"c3a9e56b2703e25ae4052fda3b0c1fde-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 76a3a298999e9186-FRA
link: <https://live.demand.supply/impl.v16.1.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/aW1naW5uLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 art.css
imginn.com/css/ 35 KB
7 KB 28ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imginn.com/css/art.css?v366
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91536a3dab256af4292836001aba786855362d053e6c9ff685417eb6af96e8c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/redpilltotal/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Nov 2022 12:48:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9697
etag: W/"636a5037-8ded"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUxtu6vilSse%2FdYGSdZqgZSID5aKmHe%2FI74yr6kBWcTX5FvujgxFdDlaeGsKf5cw6Q7Kx3irtBDLHI1LBLtHHmDt1%2Fcur7lNdSXG2Db4sHuf9Iu6sh8npNFPMEiBV6SNpveMX7EMiFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 76a3a2985ec69238-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 14 Dec 2022 21:06:19 GMT

GET
H2 200 resize
imageproxy.pimg.tw/ 9 KB
9 KB 2020ms
626ms Image
image/jpeg 168.95.245.2
CHTCDN Data Commu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.pimg.tw/resize?url=https%3A%2F%2Fscontent.cdninstagram.com%2Fv%2Ft51.2885-19%2F313983926_1441965049629264_5490033576771844030_n.jpg%3Fstp%3Ddst-jpg_s150x150%26_nc_ht%3Dscontent.cdninstagram.com%26_nc_cat%3D100%26_nc_ohc%3Dub2KlqSu9j4AX_YANic%26edm%3DAOQ1c0wBAAAA%26ccb%3D7-5%26oh%3D00_AfByycRf54y7BRfAzM_iTl2AaXatnz0Ir8bS2pu01bOhAw%26oe%3D6377FCDB%26_nc_sid%3D8fd12b
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.95.245.2 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS: 168-95-245-2.hinet-ip.hinet.net
Software: HiNetCDN/2211 /
Resource Hash: cce38ba80d59539bcb517cd5f92722349ca63303b134ca7927babddff4c484bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/jpeg
x-image-geometry: 150,150
date: Mon, 14 Nov 2022 23:47:58 GMT
cache-control: public, max-age=31536000
server: HiNetCDN/2211
x-cache: MISS, MISS, MISS
x-request-id: 776c97b57f0f14c3a1158e51bb643390

GET
H2 200 lazy.jpg
imginn.com/img/ 3 KB
3 KB 27ms
26ms Image
image/jpeg 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imginn.com/img/lazy.jpg
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 141e849165cd8090d15cc89114aea9cad9b5cc3118447d726bfd68a5459deadf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/redpilltotal/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2703
cf-bgj: h2pri
last-modified: Fri, 10 Jun 2022 08:07:32 GMT
server: cloudflare
etag: "62a2fbc4-a8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3itXEn56wERe6Z%2BKFz78z7xa2pyRbpRvZro2J8VIV%2FEbpNpUYM4W94hDDlmqOlNOJ7YzfAkcRdRBv0kZI%2B0JNAKc4OiRkCMe1dCfOgR5x3RvH9FDZWBeJ95oDHWGYys%2Fvgc0kN%2Fuk8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 76a3a2987ee89238-FRA
expires: Wed, 14 Dec 2022 20:38:30 GMT

GET
H2 200 art.js Show response
imginn.com/js/ 6 KB
3 KB 30ms
29ms Script
application/javascript 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imginn.com/js/art.js?v366
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66adfc7279b166d725ba696e4d8b8994792e794d147506001eb9339187f59afe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/redpilltotal/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Nov 2022 12:48:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9143
etag: W/"636a5037-1809"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATALDWlJdDvUz%2FAz57WE5LSZTzD3H5F5XGQ%2BpJNkxHOXu0%2BJv9f0ZyS%2FTyrRk343BzBWajqxMTezjeEvQcfOIFKRxX2ATcJsgy%2Ba%2FsP7eAZd5XzW2Jprc2aSUwHBLyJFmpq7NaZsSxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76a3a2987ee69238-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 14 Dec 2022 21:15:33 GMT

GET
H3 200 search.png
imginn.com/img/ 2 KB
3 KB 29ms
29ms Image
image/png 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imginn.com/img/search.png
Requested by: Host: imginn.com
URL: https://imginn.com/css/art.css?v366
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/css/art.css?v366
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11534
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2153
last-modified: Fri, 10 Jun 2022 08:07:32 GMT
server: cloudflare
etag: "62a2fbc4-869"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXu8bvDzT0V9S%2FCPoW6QQgNUi4Az5lykEd%2FNEi11rygJtNqIphKEEQjnofhKF6Vgc3N7HHpV67sVorTisY3Evic1h1lmhE33zi%2BIoCgjCGYx2lcRQjl1l5zOg%2FB%2BVaIKKAmKEu1tons%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 76a3a298aa5190ef-FRA
expires: Wed, 14 Dec 2022 20:35:42 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 63ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: imginn.com
URL: https://imginn.com/css/art.css?v366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imginn.com/
Origin: https://imginn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 08:01:02 GMT
x-content-type-options: nosniff
age: 575214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Nov 2023 08:01:02 GMT

GET
H2 200 load2.js Show response
tags.h12-media.com/ 258 KB
95 KB 119ms
45ms Script
application/javascript 154.51.131.137
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.h12-media.com/load2.js
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.137 London, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: c9a302a481f32738ecc2f5131539dfb5deaf5f2ab0e8ac006effbdd3c314a1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:56 GMT
content-encoding: gzip
last-modified: Sun, 30 Oct 2022 17:45:01 GMT
server: Microsoft-IIS/10.0
etag: "89e2c5687ecd81:0"
x-powered-by: ARR/3.0
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 96829

GET
H2 200 /
d9.imginn.com/ 12 KB
13 KB 448ms
397ms Image
image/jpeg 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.imginn.com/?https://scontent.cdninstagram.com/v/t51.2885-15/314397230_1699514110434296_8154717313430435840_n.jpg?stp=c0.180.1440.1440a_dst-jpg_e35_s240x240&_nc_ht=scontent.cdninstagram.com&_nc_cat=108&_nc_ohc=AYAWd8Dz8gIAX99QvwY&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=Mjk2NTcwNzcxNDQ0NzAwNzY0Ng%3D%3D.2.c-ccb7-5&oh=00_AfC0ZzEb-FRsngOG9WpkUMGZ72YFVi28Ea5OopT_43nkeQ&oe=63789BA1&_nc_sid=8fd12b
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff047e34881c1f96b32a3ad8217e431587b57aa9be758fcd86ab8fa5ba28e4cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-haystack-needlechecksum: 2697136916
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=110329219
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12594
x-fb-trip-id: 1781455057
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sun, 06 Nov 2022 18:32:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGzd2eChPMDmukZtkGJAYKjoL8jExIgsfCnFbmJg%2BAZjap1q19dRiqkg8C%2BTREWPB4NHj2eAvxXi2oQdYZB5xosgJ4Fi5PS8R8u%2B3IA8uOHUtG9V1m3Wzov3pn2dTxGbWrBALU1QfNH7Xfc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-fb-edge-debug: UpIyQKCk7Q83nrbk33dXc23o15rbUVVcHFC9T7-BJxM3Q1nXQQaLicFyJ448vO9q1xzO_iWl7OmaUutSQntP5FTlNZnAMdJvOTRt05MAwWM
x-needle-checksum: 3136319436
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76a3a2991d435c50-FRA

GET
H2 200 /
d9.imginn.com/ 10 KB
10 KB 267ms
216ms Image
image/jpeg 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.imginn.com/?https://scontent.cdninstagram.com/v/t51.2885-15/292671541_1275872376517416_6750607265829308851_n.jpg?stp=c0.180.1440.1440a_dst-jpg_e35_s240x240&_nc_ht=scontent.cdninstagram.com&_nc_cat=100&_nc_ohc=vutnLXlO7A0AX9mymOO&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=Mjg3OTQyNDgzNTg3MTk4MTc3OQ%3D%3D.2.c-ccb7-5&oh=00_AfAB873mKuaU5RNlaON-QtICiaIEnZZKaDIKqW4HJ8Xrpw&oe=6377A7D2&_nc_sid=8fd12b
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92f6825696eda486521445ee4f77e59a695b04968b6037a3353fd45d597d7323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-haystack-needlechecksum: 2917251569
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=2317009883
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9872
x-fb-trip-id: 1781455057
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sun, 10 Jul 2022 17:28:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lEUhMzIJsJuxtqFR20q4Y5dVEKPYUJBvBZCLOtfHdmWUjcqHmCzrH6OGpcGBTS8TR5Z2IOCfjW%2Bg9tPGzW4QMLNL3uy83ZXsZBGJBUB79bEW3h7tgy0nimeiZSx4m3d%2FrFOHSf8ftSaeUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-needle-checksum: 4158246692
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76a3a2991d445c50-FRA

GET
H2 200 /
d1.imginn.com/ 12 KB
13 KB 315ms
268ms Image
image/jpeg 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1.imginn.com/?https://scontent.cdninstagram.com/v/t51.2885-15/267610993_211469367821429_1437715236956505432_n.jpg?stp=c0.180.1440.1440a_dst-jpg_e35_s240x240&_nc_ht=scontent.cdninstagram.com&_nc_cat=105&_nc_ohc=U5dfIEmpBVAAX_n5Z0F&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MjcyOTU1NTkxODI4NzMyODAxOA%3D%3D.2.c-ccb7-5&oh=00_AfCvaBzXXhlOTUJh0mlrDADv1K7O0AK6q7JV9JSaeJXp9Q&oe=63781CB9&_nc_sid=8fd12b
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16863a43424f9a800f3f34d2619e1c82d8eff7667cb9aa25c0f59860f4fa3b84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-haystack-needlechecksum: 4105832854
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=3491845684
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12237
x-fb-trip-id: 436667874
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 15 Dec 2021 22:46:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaHLYjwm%2BEZfsZz72KVf%2FnW4kZeqQyJ49SLjvilKliNS7Fw4dko6Q2lg1ceEtbz5BfoEfB%2Ffew3GtIay294D46ASswdHl8MqOC4B3N2uPHXDO3JWE43%2BFSwKuOpv%2F9cTYNS%2Fe03GM3fV73k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-fb-edge-debug: BKD0-Tg-gpLL5-OZnoS3nXlK2_Ajw_fpPB3nGHiccMY0grYSJgoWt-ZlBM5PLt9G5LE4dNZ3tSkAYnPpBaOE08wW8fI7Dc4kS9SBJjEjRgY
x-needle-checksum: 4075456988
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76a3a2990a2a9b2b-FRA

GET
H2 200 resize
imageproxy.pimg.tw/ 9 KB
9 KB 1782ms
438ms Image
image/jpeg 168.95.245.2
CHTCDN Data Commu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.pimg.tw/resize?url=https%3A%2F%2Fscontent.cdninstagram.com%2Fv%2Ft51.2885-15%2F267408966_1251892418640678_7850863363478673937_n.jpg%3Fstp%3Dc0.180.1440.1440a_dst-jpg_e35_s240x240%26_nc_ht%3Dscontent.cdninstagram.com%26_nc_cat%3D106%26_nc_ohc%3DR0caOW2d1lUAX-iRTTu%26edm%3DAOQ1c0wBAAAA%26ccb%3D7-5%26ig_cache_key%3DMjcyOTUzNTQ5ODc0NjIwNzE2Nw%253D%253D.2.c-ccb7-5%26oh%3D00_AfASqbCNmnguCzYtkqu_G5FNd2cfmp5Xh8Pv9KCRxHrFKw%26oe%3D6377CB7F%26_nc_sid%3D8fd12b
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.95.245.2 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS: 168-95-245-2.hinet-ip.hinet.net
Software: HiNetCDN/2211 /
Resource Hash: a048aa5581bf109b05a3ec777fabfb048245627905e3e96c4d74133c32150920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/jpeg
x-image-geometry: 240,240
date: Mon, 14 Nov 2022 23:47:58 GMT
cache-control: public, max-age=31536000
server: HiNetCDN/2211
x-cache: MISS, MISS, MISS
x-request-id: 5b6ee52677119f2404e32927fcdf07bb

GET
H2 200 resize
imageproxy.pimg.tw/ 8 KB
8 KB 1818ms
474ms Image
image/jpeg 168.95.245.2
CHTCDN Data Commu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.pimg.tw/resize?url=https%3A%2F%2Fscontent.cdninstagram.com%2Fv%2Ft51.2885-15%2F261184142_316387133642943_9856915771315303_n.jpg%3Fstp%3Dc0.180.1440.1440a_dst-jpg_e35_s240x240%26_nc_ht%3Dscontent.cdninstagram.com%26_nc_cat%3D103%26_nc_ohc%3D3Oo1Z0UYvhQAX_MbFg1%26edm%3DAOQ1c0wBAAAA%26ccb%3D7-5%26ig_cache_key%3DMjcxNzAyMjY2OTYxNTA1NzMwMQ%253D%253D.2.c-ccb7-5%26oh%3D00_AfCBMhII629sa-6c3WvSEKN6bJPJriyBBYhyniXiWkdJVg%26oe%3D6378C1DA%26_nc_sid%3D8fd12b
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.95.245.2 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS: 168-95-245-2.hinet-ip.hinet.net
Software: HiNetCDN/2211 /
Resource Hash: 82e96ef9e08b529eac3fc86c07cd82f964ca112b0f138332071e4627c7231d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/jpeg
x-image-geometry: 240,240
date: Mon, 14 Nov 2022 23:47:58 GMT
cache-control: public, max-age=31536000
server: HiNetCDN/2211
x-cache: MISS, MISS, MISS
x-request-id: f5e3001b9a52aa6287f0dc61c97a1130

GET
H2 200 /
d1.imginn.com/ 31 KB
32 KB 624ms
578ms Image
image/jpeg 2606:4700:20::ac43:4675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1.imginn.com/?https://scontent.cdninstagram.com/v/t51.2885-15/133744088_756073995277584_3251973558897131583_n.jpg?stp=dst-jpg_e35_s320x320&_nc_ht=scontent.cdninstagram.com&_nc_cat=100&_nc_ohc=6wozQad-nl0AX8iOLXW&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MjQ3NTc5OTQ2MDQ3Mjg0OTM5OQ%3D%3D.2-ccb7-5&oh=00_AfDcxtcK3pBIVXTdBk3BRiGTP_s-W2UTBTkYmR-onO0kjA&oe=63770303&_nc_sid=8fd12b
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4675 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac43dd484c5797fee6667c226821a8154f536b03954350ba1f65f1b84caaeb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-haystack-needlechecksum: 3782102251
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=115766831
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32151
x-fb-trip-id: 2021344134
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 30 Dec 2020 19:58:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peFYb8LV2dVUQG9e9O%2B7kcvHwsj7NsSwTG0T2hHQpXYcTOdDjUCcl9YH8QP63DnLA78qW3aBAfOjIJKvoeBsaFpJ36iB8n7izDx9%2FEFswGZjT0bT%2FbLnEab7RuL2MRqKgb6OGsY0bVr17dY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-fb-edge-debug: nIyNcAEqLJBkE7wVRYtgnhVUgCiaThQXkd6hQrx0DxLf4NtVqWEG3L8ckI4ThDdaVpKhacLniSkK2d4cBwwPeFVOA7LE5HvkUJp0uZY-IFg
x-needle-checksum: 2527275693
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76a3a2990a2b9b2b-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 63ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8QBYR6XXV4&gtm=2oeb90&_p=757426503&cid=235000192.1668469677&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668469676&sct=1&seg=0&dl=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&dt=summer!%20(%40redpilltotal)%20download%20instagram%20stories%20highlights%2C%20photos%2C%20videos%20-%20ImgInn.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8QBYR6XXV4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:47:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imginn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl.v16.1.0.js Show response
live.demand.supply/ 73 KB
24 KB 45ms
25ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.1.0.js
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c980dc996e63eadf337ea26aecc48561a92c4a4ca35d588e124c2223e540779a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GEJAZ2E347JK4T33G6WYCJ2V
date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 962363
cf-polished: origSize=74593
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"eacafb68e163060c074814d393a7b05c-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 76a3a2997b395b32-FRA

GET
H3 200 aW1naW5uLmNvbS8= Show response
live.demand.supply/p4/v14-3-0/ 940 B
652 B 75ms
58ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-3-0/aW1naW5uLmNvbS8=
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1e0076e3fc0353ebc866aa21624657a4518b7bb1839f2942229ed2e0231d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 76a3a2997b3b5b32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
299 B 43ms
24ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=153&cs=c&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFKAZGVT6D2ZJ2KRF7MJTSGD
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: HIT
age: 2133251
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a29978b5bbd7-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 81ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d686d2f49f1fba79a674b60c9d0a407df8422f81257bf4003e728be85fbec9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27313
x-xss-protection: 0
server: sffe
etag: "1392 / 603 of 1000 / last-modified: 1668467156"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 14 Nov 2022 23:47:57 GMT

GET
H3 200 aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv Show response
live.demand.supply/p4/v14-3-0/ 940 B
652 B 69ms
54ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-3-0/aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1e0076e3fc0353ebc866aa21624657a4518b7bb1839f2942229ed2e0231d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 76a3a2997b3d5b32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
441 B 40ms
23ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFG83MGHT9AQM9JV5EHVW2T3
date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2132854
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 76a3a29978b7bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 imginn.com_fluid_sq_user_test Show response
live.demand.supply/cp/ 30 B
192 B 155ms
155ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imginn.com_fluid_sq_user_test?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee6904378bdf00436ee2dcc0f10ec700e6a55bc61bd24607221dc3cc190e379

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 76a3a299c920bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H3 200 imginn.com_fluid_sq_user_test Show response
live.demand.supply/cp/ 30 B
192 B 166ms
165ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imginn.com_fluid_sq_user_test?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee6904378bdf00436ee2dcc0f10ec700e6a55bc61bd24607221dc3cc190e379

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 76a3a299c923bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H3 200 imginn.com_728x90_sticky_display_bottom_bottom-sticky Show response
live.demand.supply/cp/ 30 B
192 B 157ms
157ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imginn.com_728x90_sticky_display_bottom_bottom-sticky?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c180926a85235a5bb38cb719283ded9a7fc7ce63ab91b22505cb37f2fcb2d5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 76a3a299c924bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
298 B 27ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFCMM3AHGAW1G7RR6Z6FM702
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: HIT
age: 2125183
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a299c925bbd7-FRA

GET
H2 200 / Show response
f.h12-media.com/ 30 B
560 B 102ms
58ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://f.h12-media.com/?init=1&rnd=0.19272572708967428
Requested by: Host: tags.h12-media.com
URL: https://tags.h12-media.com/load2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET, ARR/3.0
Resource Hash: 9b7a307530f2a8d7af49722aa2af29a1be30b9964b0dde8e3a476504ec9b7aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET, ARR/3.0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2fbhGfyp5KSYayKCC6%2BLVWftdyqUPJMNJESFoyroO346tEA%2BoTF5hcFINWiu81SMHi9ErcDIoykKNEuFfeyyHxFX1E%2FEsBrS0Plp6V4%2FQqkjKXnrsqD%2F6EOmfP1AE4bPxQytzion9DON2R2xIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; Charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600,private
cf-ray: 76a3a29a3d70bb91-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pubads_impl_2022111001.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 20:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132474
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 09:36:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 20:04:59 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
92 B 57ms
24ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=imginn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

150731097870b1b874277f0ee35629d7794343297d59abcd506896bc22ceb397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 14 Nov 2022 23:47:57 GMT

GET
H2 200 tags.js Show response
tags.h12-media.com/v3/ Frame 8246 53 KB
25 KB 84ms
84ms Script
application/x-javascript 154.51.131.137
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222001%3Aac8%3A20%3A302%3A%3A202e%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%2264e985fb18d9f717e102af55b048ecc6%22%2C%22adunitid%22%3A%2223818%22%2C%22topurl%22%3A%22https%3A%2F%2Fimginn.com%2Fredpilltotal%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%220ugc6ffhuty%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A1%2C%22hourofday%22%3A23%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C1747%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C1747%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.31617507982758264
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.137 London, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: 41df50007faa5aad94ec57c8b1f72fba96f597cb319dbc510fe20fcf1f2658d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:56 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
vary: Accept-Encoding
content-type: application/x-javascript; Charset=UTF-8
access-control-allow-origin
cache-control: no-store,no-cache,max-age=0,private
access-control-allow-credentials: true
srg-x: x-.159
content-length: 25256

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 66ms
24ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imginn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 66ms
25ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imginn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
773 B 294ms
294ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458667185244936&correlator=4452801661866780&eid=31070657&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Cc85cf867-8603-448e-bf25-5f84928d1495&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1928954406&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D175689ca-0a0a-4384-9344-268d1cf4b912%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D89&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668469677270&lmt=1668469676&dlt=1668469676842&idt=396&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=235000192.1668469677&ga_sid=1668469677&ga_hid=757426503&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ded9bbd84fd5be11b23446f19f8e83dacbf9c58a06f530d805561717efa63dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 743
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imginn.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4CCC 6 KB
3 KB 106ms
50ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imginn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:47:57 GMT
expires: Tue, 14 Nov 2023 23:47:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022111001.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782da8a59941de0266c3a8162002fe463a77883792ffa306a55fa37b8fa9e336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 00:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13836
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 09:36:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 00:08:48 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
299 B 22ms
22ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imginn.com_fluid_sq_user_test&pdc=0.04823506772518158&ucv=null&e=tcp&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFKAZGVT6D2ZJ2KRF7MJTSGD
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: HIT
age: 2133251
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a29b1abcbbd7-FRA

GET
H2 200 imginn.com_fluid_sq_user_test Show response
api.demand.supply/v14-3-0/a/ 316 B
499 B 68ms
23ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-3-0/a/imginn.com_fluid_sq_user_test?&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bab2187896fa9c8336df4aaa1ad72ca029fba689ba5ce2d25e297f4879f87695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4725
etag: W/"13c-tFOhGdQ3/5rTGfbqNzw8L7vuitA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 76a3a29b686a6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
299 B 23ms
23ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imginn.com_728x90_sticky_display_bottom_bottom-sticky&pdc=0.06283683776855468&ucv=null&e=tcp&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFKAZGVT6D2ZJ2KRF7MJTSGD
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: HIT
age: 2133251
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a29b1ac9bbd7-FRA

GET
H2 200 imginn.com_728x90_sticky_display_bottom_bottom-sticky Show response
api.demand.supply/v14-3-0/a/ 318 B
307 B 68ms
26ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-3-0/a/imginn.com_728x90_sticky_display_bottom_bottom-sticky?&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f076553a482cb14e0c96bdeac2ddbcf60231354c7938746166d30a6f95612d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3233
etag: W/"13e-1hSIx0kcz8wVqyGvoULQ1+DuF1k"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 76a3a29b686c6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
299 B 24ms
23ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imginn.com_fluid_sq_user_test&pdc=0.04823506772518158&ucv=null&e=tcp&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFKAZGVT6D2ZJ2KRF7MJTSGD
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: HIT
age: 2133251
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a29b1accbbd7-FRA

GET
H2 200 imginn.com_fluid_sq_user_test Show response
api.demand.supply/v14-3-0/a/ 316 B
272 B 65ms
23ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-3-0/a/imginn.com_fluid_sq_user_test?&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bab2187896fa9c8336df4aaa1ad72ca029fba689ba5ce2d25e297f4879f87695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4725
etag: W/"13c-tFOhGdQ3/5rTGfbqNzw8L7vuitA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 76a3a29b686f6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 prebid3_2.1.js Show response
f.h12-media.com/v3/ Frame 8246 1 MB
250 KB 59ms
38ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://f.h12-media.com/v3/prebid3_2.1.js?v=11102022
Requested by: Host: tags.h12-media.com
URL: https://tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%222001%3Aac8%3A20%3A302%3A%3A202e%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickysmart%22%2C%22pubid%22%3A%2264e985fb18d9f717e102af55b048ecc6%22%2C%22adunitid%22%3A%2223818%22%2C%22topurl%22%3A%22https%3A%2F%2Fimginn.com%2Fredpilltotal%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%220ugc6ffhuty%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A1%2C%22hourofday%22%3A23%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1600%2C1200%5D%2C%22ddims%22%3A%5B1600%2C1747%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B0%2C1747%5D%2C%22maxwidth%22%3A1600%2C%22maxheight%22%3A1200%7D&rnd=0.31617507982758264
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET, ARR/3.0
Resource Hash: 06a73988ed7fd76538a93e5edc0ce2051beb4212273cc6f851e70ea7895a7f2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Oct 2022 02:09:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7151
etag: W/"2639b88616ddd81:0"
x-powered-by: ASP.NET, ARR/3.0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b23os2CT5uakEKc9QsRHXnjVN%2BTNYY3keUSWuj%2FehbNzq1Rs46GeWTxRQOGa3lis%2BGN8VFF1kwW21sjdRSa2s3NO0D2qU%2B6AJlu%2FcbnJJlfm0MrVapxAyzOQVL%2BcTv3hRD965QyAURSbOII0IIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 76a3a29b883d9268-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
298 B 21ms
21ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=imginn.com_fluid_sq_user_test&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFCMM3AHGAW1G7RR6Z6FM702
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: HIT
age: 2125183
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a29b8b69bbd7-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
298 B 22ms
22ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=imginn.com_fluid_sq_user_test&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFCMM3AHGAW1G7RR6Z6FM702
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: HIT
age: 2125183
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a29b8b6cbbd7-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 28ms
28ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GH18D0KDNTGXKAN4PR0X7CHK
date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 662913
etag: W/"891591a3e411258dbc5f1701af594b2d-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 76a3a29b8d1d5b32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
298 B 22ms
21ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=imginn.com_728x90_sticky_display_bottom_bottom-sticky&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFCMM3AHGAW1G7RR6Z6FM702
date: Mon, 14 Nov 2022 23:47:57 GMT
cf-cache-status: HIT
age: 2125183
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a29b9b74bbd7-FRA

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 57ms
24ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imginn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 60ms
26ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imginn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 314ms
313ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458667185244936&correlator=162814985127324&eid=31070657&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Cad3ed967-79c5-461e-beda-a8668fa40d4e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=4255664881&sfv=1-0-40&prev_scp=ti%3D175689ca-0a0a-4384-9344-268d1cf4b912%26pof%3D0%26bid%3D0.04%26bid-p%3Dgoogle%26bsc%3D89&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668469677367&lmt=1668469676&dlt=1668469676842&idt=396&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=235000192.1668469677&ga_sid=1668469677&ga_hid=757426503&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8321cad8a8bc5bea0c364d709ee00052a3af19560cfb043b349abeba4be1789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9954
x-xss-protection: 0
google-lineitem-id: 5562790932
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imginn.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 674 B
390 B 289ms
289ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458667185244936&correlator=4281888624304493&eid=31070657&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C83620001-5fb4-4354-a9ed-e2d9fcf00d12&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=900x280&ifi=3&adks=1804035739&sfv=1-0-40&prev_scp=ti%3D175689ca-0a0a-4384-9344-268d1cf4b912%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D89&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668469677420&lmt=1668469676&dlt=1668469676842&idt=396&adxs=350&adys=1303&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&frm=20&vis=1&psz=900x296&msz=900x296&fws=0&ohw=0&ga_vid=235000192.1668469677&ga_sid=1668469677&ga_hid=757426503&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeb45246a81b226384e7e5abe2e4af60784c829afc0bc44ff7a96e480d477c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imginn.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
13 KB 327ms
326ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458667185244936&correlator=4161429750100117&eid=31070657&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C83620001-5fb4-4354-a9ed-e2d9fcf00d12&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=900x280&ifi=4&adks=1364835663&sfv=1-0-40&prev_scp=ti%3D175689ca-0a0a-4384-9344-268d1cf4b912%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D89&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668469677428&lmt=1668469676&dlt=1668469676842&idt=396&adxs=350&adys=321&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&frm=20&vis=1&psz=900x296&msz=900x296&fws=0&ohw=0&ga_vid=235000192.1668469677&ga_sid=1668469677&ga_hid=757426503&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e040d9bb933ec25617a5ec12afdec4410436a5eb8e0576e4afe332bef639017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13041
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imginn.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
bidder.h12-media.com/prebid/ Frame 8246 3 KB
3 KB 65ms
56ms XHR
application/json 154.51.131.137
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.h12-media.com/prebid/?payload=2KCPSDNaNzAjKA7EH8K7WQPRohZgiTm7X11ZlTl0fkK3wcC1b4v-x5b205jHpJCKIaEFn4X21D7joOJmnsQE6CGEVDlS8Qw34uWs3HoH9Zr5adW7hTVudXWQrbFy7kP2NrDIY4eXi2XgUoyDdIWYDypxwz6GqK7W4XfUL9LY4241Z5FH8EizV-IdhFre3pivuGVdd2zE0opIhgS4ooKzcF1B5XEphhGFvy4gL0qPeBI0u2tR8J2x3KX6OZjnODiTw55itwgy1Of-1FAugub3qZOUqZlXgF4ABvbH7TED6mY89YV6c2g3obC71EZine75IVaynU0fWWLJQqAeQO2q05NXmhjtPz6WJIuhoqV1bQnj8k8wN8c2J_TOJsGsn5a-OpO5k4Ps2N4fYSV9d87HafbVw5QMXyPiibup-AF6O-B8lgOZomNZypTeOzvuh9c3n30
Requested by: Host: f.h12-media.com
URL: https://f.h12-media.com/v3/prebid3_2.1.js?v=11102022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.137 London, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ARR/3.0
Resource Hash: 848afece293e33a9dc72a80debcc45dd05a876526abf98e38c41860d1e206232

Request headers

Referer: https://imginn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET, ARR/3.0
vary: Accept-Encoding
content-type: application/json; Charset=UTF-8
access-control-allow-origin: https://imginn.com
cache-control: no-store,no-cache,max-age=0,private
access-control-allow-credentials: true
srg-x: x-.158
procadsent: 0.0312
content-length: 2992

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 8246 0
166 B 86ms
25ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: f.h12-media.com
URL: https://f.h12-media.com/v3/prebid3_2.1.js?v=11102022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imginn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Mon, 14 Nov 2022 23:47:58 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://imginn.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2d2a6/1/imginn.com/ Frame 8246
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2d2a6/1/imginn.com/ROS?rnd=0.2615181460589955&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x...
https://pbjs.e-planning.net/hb/1/2d2a6/1/imginn.com/ROS?ct=1&r=pbjs&rnd=0.2615181460589955&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x...

653 B
1 KB

24ms
24ms

XHR
application/json

185.172.90.252
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2d2a6/1/imginn.com/ROS?ct=1&r=pbjs&rnd=0.2615181460589955&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&pbv=7.16.0&ncb=1&vs=FFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&gdpr=1&gdprcs=CPifETHPifETHBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&e_pubcid=3cc9c70c-88ae-4414-a0f0-66b1782cfe85
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Server: 185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: c120f2b8218374bdf08e1bf32f608e4f24c823f65c84cd892c4528cc55871436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Mon, 14 Nov 2022 23:47:58 GMT
date: Mon, 14 Nov 2022 23:47:58 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://imginn.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 653
x-sid: AMS-936

Redirect headers

date: Mon, 14 Nov 2022 23:47:58 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://imginn.com
location: /hb/1/2d2a6/1/imginn.com/ROS?ct=1&r=pbjs&rnd=0.2615181460589955&e=300x600_0%3A300x600%2B320x480_0%3A320x480%2B160x600_0%3A160x600%2B336x280_0%3A336x280%2B120x600_0%3A120x600%2B250x250_0%3A250x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90%2B468x60_0%3A468x60&ur=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&pbv=7.16.0&ncb=1&vs=FFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&gdpr=1&gdprcs=CPifETHPifETHBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&e_pubcid=3cc9c70c-88ae-4414-a0f0-66b1782cfe85
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-936

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame 8246 775 B
781 B 77ms
26ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUT3342T
Requested by: Host: f.h12-media.com
URL: https://f.h12-media.com/v3/prebid3_2.1.js?v=11102022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ef1fc55bfabda12b99254d50bf4d409ac064aaf04fea89c7f2c4bb2b4d2f228e

Request headers

Referer: https://imginn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:47:58 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://imginn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
299 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imginn.com_auto_interstitial_desktop&e=nai&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFKAZGVT6D2ZJ2KRF7MJTSGD
date: Mon, 14 Nov 2022 23:47:58 GMT
cf-cache-status: HIT
age: 2133252
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a2a16b0cbbd7-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 79ms
25ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

848360150c7285fb18cb4639a4bb09a3664499b3076d27648f1fd1ff8a7f538f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 09:46:31 GMT
server: cloudflare
x-amz-request-id: KEYQDPABTQSGQVYD
age: 1643
etag: W/"903cd4a80ebccf0d9e448e2b133b585d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 76a3a2a1cc4c9b57-FRA
x-amz-id-2: Wzqt6sdM5AH5nUAmPW7xIQwj2WqBrFlTzIaHFKc2qgzrUUDrPWIlNGkt0UWbCdVUvI0/o+xq8M8mCruWJEHQ+w==

GET view
securepubads.g.doubleclick.net/pcs/ Frame BB60 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB60 0
0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imginn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
25ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imginn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 308ms
308ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458667185244936&correlator=1404492610681813&eid=31070657&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C32043558-d474-4035-8bdf-8104fcc2fec4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=2434620774&sfv=1-0-40&prev_scp=ti%3D175689ca-0a0a-4384-9344-268d1cf4b912%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D89&eri=1&sc=1&cookie=ID%3Dc1b1c35ff248fe47-2216909633cf0051%3AT%3D1668469677%3AS%3DALNI_MYmA1eyfnGKm91xgzhoXHag3f11FA&gpic=UID%3D00000b8186e206db%3AT%3D1668469677%3ART%3D1668469677%3AS%3DALNI_Mavwa0uNp1fDkQaIXnd5io4lcCE3A&abxe=1&dt=1668469678315&lmt=1668469676&dlt=1668469676842&idt=396&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=235000192.1668469677&ga_sid=1668469677&ga_hid=757426503&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRjYwavExzBIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd38995d00af7a748b4a4a9a7d9439116ee62cc2d4a8be5c8f86df0047fd671d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12281
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imginn.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
299 B 34ms
33ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imginn.com_fluid_sq_user_test&e=nai&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFKAZGVT6D2ZJ2KRF7MJTSGD
date: Mon, 14 Nov 2022 23:47:58 GMT
cf-cache-status: HIT
age: 2133252
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a2a1ab4cbbd7-FRA

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 7875 221 KB
61 KB 67ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 20344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7875 14 KB
5 KB 93ms
42ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 20344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7875 94 KB
28 KB 94ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 20344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7875 5 KB
2 KB 109ms
60ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 20344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7875 40 KB
13 KB 110ms
61ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 20344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7875 8 KB
1 KB 73ms
25ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 23:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:00:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 23:47:58 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7875 2 KB
3 KB 68ms
15ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: imginn.com
URL: https://imginn.com/redpilltotal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 50885
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:39:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7875 295 B
398 B 69ms
16ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: imginn.com
URL: https://imginn.com/redpilltotal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:28:16 GMT
x-content-type-options: nosniff
server: cafe
age: 1182
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Nov 2022 23:28:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7875 0
0 76ms
23ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGEWg8-ByAFIdTD_Wm5okM8FEG8Nu5VYYZQ166YvK4mRfNRohxSGYMKVI42jPIDPPCbKZZbmDG15T-uwBoVLfYgOwY-Q
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7875 0
0 66ms
66ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIZRbrdNyY53tHKekx_APzu2R-A2OgOavbeX49q_AEAoQASCVm8ohYJXikIKgB6AB7LPywAHIAQngAgCoAwHIAwqqBJoCT9B5gvibksJMgYGRPtUgo2WGGx3OrBQm__EgPSroFJu0z7IxCH4Mc4xbR9yg6eIyRSb_Uf_7vkilW11V66M1ARNI81Dz3bSyufdMD0b6lntPZXL6ZhmUUizTuq74FDvAawQTYLr2OXqFsdxkRBKpAvea4C3Y4jftRSMkq-SiNDwrYFRGdI57oNNdBAwzPAKRDlwEBYMoQNKns02JRQBbYvw9s8k3FXrOiCr6G8dNTnnEwYMg4KQLi_yJy2nwHp0P0Cq2cFAcjeNHrVqEAFAMhf5HrJkZgi2VZiWlEiulEeos6hUMSrjmcwcpMC_4MZCS5RX-nUk4DSwPhr3HwAtayW1qTH4WIfUK6L7DzzSp31ZQjpEH6t1Bm94_wATvzYeSiwTgBAGSBQQIBBgBkgUECAUYBKAGLoAH_MuNvwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDwLtIIEgiI4YAQEAEYHTIDqoIBOgKAQPIIG2FkeC1zdWJzeW4tMjU1OTM1MjI2Mzg2NjUyMIAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=-wkV-Tvxm14&uach_m=[UACH]&cid=CAQSPwDq26N9ZmbRv6mm084Nn_29r839IalWa1HhbEcJ9QhWP5_WBZQpR1AOTtJQyuIYJ6TdsqgyJDIzjHpHpI4cWhgBIBM&template_id=5000
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
299 B 26ms
25ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=imginn.com_fluid_sq_user_test&sy=3ad4b88f-0568-4464-ad1c-7293b0f19c6e&ts=89&cd=2&pud=153&pus=c&pue=1210&pid=61&pis=c&pie=1276&ppd=79&pps=a&ppe=1294&pcl=1117&ttc=1568&tti=2559&ttif=0&lca=1294&lcak=ppe&lct=1294&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imginn.com&mlre=undefined&mlin=0&mlsi=900x280&mlbw=4g&mlcs=NaN&mltp=175689ca-0a0a-4384-9344-268d1cf4b912&e=lm&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFKAZGVT6D2ZJ2KRF7MJTSGD
date: Mon, 14 Nov 2022 23:47:58 GMT
cf-cache-status: HIT
age: 2133252
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a2a1bb66bbd7-FRA

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9757514893735722672/ Frame 7875 64 KB
65 KB 33ms
17ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9757514893735722672/14763004658117789537?w=600&h=314

Requested by

Host: imginn.com
URL: https://imginn.com/redpilltotal/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df306020bc7d1efc6e5ce7799ebf7804da32acac4faf3e437757ca987cedf770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 08:26:43 GMT
x-content-type-options: nosniff
age: 228075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66038
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 21:57:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Nov 2023 08:26:43 GMT

GET
DATA 200
OK truncated
/ Frame 7875 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7875 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7875 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20b9faf0a1075c86d286466cc7bae8fecce7ed7f77950725ac4a104bcd372656

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 71ms
18ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://imginn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://imginn.com
date: Mon, 14 Nov 2022 23:47:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7875 28 KB
28 KB 51ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imginn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 353537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 21:35:41 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame 01A8 213 KB
74 KB 133ms
29ms Script
application/x-javascript 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: f.h12-media.com
URL: https://f.h12-media.com/v3/prebid3_2.1.js?v=11102022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 18ec574fe917630fd9df93a35c4216e4f8890b31f684aaaccc6a996ea80e914d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:58 GMT
content-encoding: gzip
last-modified: Mon, 14 Nov 2022 15:13:46 GMT
etag: "16-Q6ikWBNgDiNr8+K8otXM7D8O2oY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400
access-control-allow-credentials: false
x-traceid: 2aeb30ee39c46eb4a1481c53da28a588
timing-allow-origin: *, *
content-length: 74807

GET
H2 200 /
tags.h12-media.com/rtb/ Frame 01A8 29 B
29 B 51ms
51ms Image
application/x-javascript 154.51.131.137
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=2KCPSDNaNzAjKA7EH8K7WQPRohZgiTm7X11ZlTl0fkK3wcC1b4v%2Dx5b205jHpJCKIaEFn4X21D7joOJmnsQE6CGEVDlS8Qw34uWs3HoH9Zr5adW7hTVudXWQrbFy7kP2NrDIY4eXi2XgUoyDdIWYDypxwz6GqK7W4XfUL9LY4241Z5FH8EizV%2DIdhFre3pivuGVdd2zE0opIhgS4ooKzcF1B5XEphhGFvy4gL0qPeBI0u2tR8J2x3KX6OZjnODiTw55itwgy1Of%2D1FAugub3qZOUqZlXgF4ABvbH7TED6mY89YV6c2g3obC71EZine75IVaynU0fWWLJQqAeQO2q05NXmhjtPz6WJIuhoqV1bQnj8k8wN8c2J%5FTOJsGsn5a%2DOpO5k4Ps2N4fYSV9d87HafbVw5QMXyPiibup%2DAF6O%2DB8lgOZomNZypTeOzvuh9c3n30&size=300x600&wp=0%2E039&bd=OBT&d=1
Requested by: Host: f.h12-media.com
URL: https://f.h12-media.com/v3/prebid3_2.1.js?v=11102022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.51.131.137 London, United Kingdom, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:57 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
vary: Accept-Encoding
content-type: application/x-javascript; Charset=UTF-8
cache-control: no-store,no-cache,max-age=0,private
srg-x: x-.183
content-length: 145

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cc636f73406bd9f7fb945f29612f41773083aaa22ae8b55780cce683562bd22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7875 2 KB
2 KB 52ms
16ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 50885
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7875 295 B
319 B 54ms
18ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:28:16 GMT
x-content-type-options: nosniff
server: cafe
age: 1182
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Nov 2022 23:28:16 GMT

GET
H3 200 container.html Show response
9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F8F 6 KB
3 KB 51ms
16ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imginn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:47:57 GMT
expires: Tue, 14 Nov 2023 23:47:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
299 B 25ms
24ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imginn.com_728x90_sticky_display_bottom_bottom-sticky&pn=2&sn=3&pc=0.06283683776855468&ds=true&e=wdp&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFKAZGVT6D2ZJ2KRF7MJTSGD
date: Mon, 14 Nov 2022 23:47:58 GMT
cf-cache-status: HIT
age: 2133252
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a2a3ada2bbd7-FRA

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
299 B 24ms
22ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=imginn.com_728x90_sticky_display_bottom_bottom-sticky&sy=3ad4b88f-0568-4464-ad1c-7293b0f19c6e&ts=89&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imginn.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=175689ca-0a0a-4384-9344-268d1cf4b912&e=lm&dsReferer=aW1naW5uLmNvbS9yZWRwaWxsdG90YWwv
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.1.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id: 01GFKAZGVT6D2ZJ2KRF7MJTSGD
date: Mon, 14 Nov 2022 23:47:58 GMT
cf-cache-status: HIT
age: 2133252
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 76a3a2a3ada3bbd7-FRA

GET
H/1.1 200
OK aW1naW5uLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame 01A8 16 B
464 B 854ms
28ms XHR
application/json 95.101.201.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/aW1naW5uLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:47:59 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=21172
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: fbda80251b7b3fc03a775b944ef2f21b
Content-Length: 16
Expires: Tue, 15 Nov 2022 05:40:51 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 01A8 43 B
341 B 176ms
28ms Image
image/gif 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:58 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 14 Dec 2022 23:47:58 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4F8F 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1JpYrtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExAJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPL2caq2lsPyF6F9bppOxLVKLKm_qraxAQf53dvGeYGRnpSqYcfJDgBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=UiagBaQkagQ&uach_m=[UACH]&cid=CAQSPADq26N9QJVv7wPDrtq3YlAd7dWBYSytjaTBKPUL6NMgDcmPm4kUbIzjPggOvmRPps0AtID6-ga9KwaLsBgBIBM
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 4F8F 0
0 823ms
25ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h276gfe43x2mghbz4whkfwmgsjz0r14jtv55pbd6m51dxn9jpfs3ryc190r52df3qtpa6qae8xaw4cpw40k82p355fw013909caaxwy6ej4kfrcy4yc9zgw2dn0e0evjk8vcb6anwyjqg3gyjyz2qs82fhkxt71jqvcx6wfvbq4t1ewj3ts9kk3g3sh95akn7yt1f96rbsm0rkyn0j2g4227p6per7rwhjx7b9h6fr7xnt9wvkckgkk4sfrwqw3b74btxkaq28b0hbtjdtqf9psresywzjfb5qgnp4tft2cz1tfdh40bj1j2xwy8kb95kxs118fc7n8ytspvww54h3ysf839x7w9mpt822p9n7c3177wn3wwc4rrpvsxhz6zvafj9zxcv0g9mr&b=Y3LTrgAFmjcIEfBXAAYuR7QVWQWmrAiriNO3HQ
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Nov 2022 23:47:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame B5CB 2 KB
3 KB 825ms
33ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jjad4g9vpv306maqqnf9v0nvqtrcc9m923g1hhr54avphmdex0drnb1b86rry5qjbzryq073dvfp2r8zmv52bykc1rqng5rc76spw97epkcaxawt45t7zfkn4esbwskd7e4kn26he90vqnr4nk8vh5e375mth2fd978f7v3zrmkjx4p6ghvfrbdqekt1ehgzs5wdfan82wwkmnbn4ke1847pt2z7e39kh5bhjpaenjfzmth2x7bejxxbkh207w7f3rkzxz3gwqy6p6hjqqpawrvmg5dn4rrgr3r20n7jfk87tvdhqswqfnd416b70a669jt0x4xb68ssd0qq0rawagje6v6jajrxm48z6tjf1961rpam7gjp5xxev44kc5t51f6y40amq96m1j9afsdjtjpa4ygmwc03966r9g024s4wd66n7et62t0yf2sz9xs2hjkr48q&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%26client%3Dca-pub-3831894559014614%26adurl%3D

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35287759c1bb8a0c417a1c6d70588c9be6eb2e1e8dedbf470bb0d067121e9b5d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76a3a2a8f853bbd9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:47:59 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4F8F 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 21:46:27 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1978 1 KB
1 KB 806ms
16ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Tue, 15 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4F8F 18 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 15:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 15:54:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4F8F 0
0 325ms
23ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQjjMcB14gMjRBNhh2waoyhh_3UsASFH19uR2dJ8peGFeDRindUyYyetBWsU64jlsTPJ6T01T7Gyd8gvQr2CnmyOqJ3w
Requested by: Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4F8F 24 KB
6 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 22:10:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F8F 154 KB
48 KB 1544ms
1543ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Nov 2022 23:48:00 GMT

GET
DATA 200
OK truncated
/ Frame 4F8F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84b16097060c4586078b11c5873ce45d8937a20a5d1140cae9ed3ca17aa20f50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame 01A8 27 KB
11 KB 799ms
270ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&idx=0&rand=1079&key=H12ME1OGI4M4PLMMGPJ01MHAC&widgetJSId=AR_5&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1480676&pubImpId=2e805d7fa664b2&px=0&py=0&vpd=0&cnsntv2=CPifETHPifETHBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=300&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000944&sig=paiSWbm3&apv=false&false&osLang=en-US&winW=300&winH=600&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&ref=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&ogn=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 92bb079b55aa19bd93a85c1c0415bc038370d84deacd1dfd95806a13e8994591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 14 Nov 2022 23:47:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid: 6a40b92ab5c75a1e03963bd3bbaee16e
content-length: 10169
x-served-by: cache-lga21982-LGA, cache-fra-eddf8230113-FRA
pragma: no-cache
x-timer: S1668469680.525567,VS0,VE246
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
cache-control: no-cache
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1978
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEIoYDr8JDxs7noO6Ja0cqkg&google_cver=1&google_push=ASkJ3FZGWoyQBnZgiNvGKF57K-tX3fjU1TG5pV33zn8kTk9tIrXKH1ikNZM_H4a_OuSCgiL12InAEEvhQxOLVXbd8di4D_Mp1VF1Hw
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RG1CUjhwS2NBUG1BRm5td3NOTnlZdw%3D%3D&google_push=ASkJ3FZGWoyQBnZgiNvGKF57K-tX3fjU1TG5pV33zn8kTk9tIrXKH1ikNZM_H4a_OuSCgiL12InAEEvhQxOLV...

170 B
188 B

59ms
52ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RG1CUjhwS2NBUG1BRm5td3NOTnlZdw%3D%3D&google_push=ASkJ3FZGWoyQBnZgiNvGKF57K-tX3fjU1TG5pV33zn8kTk9tIrXKH1ikNZM_H4a_OuSCgiL12InAEEvhQxOLVXbd8di4D_Mp1VF1Hw

Requested by

Host: imginn.com
URL: https://imginn.com/redpilltotal/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=RG1CUjhwS2NBUG1BRm5td3NOTnlZdw%3D%3D&google_push=ASkJ3FZGWoyQBnZgiNvGKF57K-tX3fjU1TG5pV33zn8kTk9tIrXKH1ikNZM_H4a_OuSCgiL12InAEEvhQxOLVXbd8di4D_Mp1VF1Hw
date: Mon, 14 Nov 2022 23:48:00 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: nginx
content-length: 245
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1978
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFjIrJl9-L5VvE3KaNGCXj8&google_cver=1&google_push=ASkJ3FZ5FTpACFG7CnlALYnAgjjqw2Si8lZTXAep_RzHP9fACEgSvZXO1o_qJxoviSwt-0ENYgk8EXq2ro6_jmrt3eAoiMO...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFjIrJl9-L5VvE3KaNGCXj8&google_cver=1&google_push=ASkJ3FZ5FTpACFG7CnlALYnAgjjqw2Si8lZTXAep_RzHP9fACEgSvZXO1o_qJxoviSwt-0ENYgk8EXq2ro6_jmrt3eAoi...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZ5FTpACFG7CnlALYnAgjjqw2Si8lZTXAep_RzHP9fACEgSvZXO1o_qJxoviSwt-0ENYgk8EXq2ro6_jmrt3eAoiMOP5_y0qg

170 B
188 B

27ms
26ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZ5FTpACFG7CnlALYnAgjjqw2Si8lZTXAep_RzHP9fACEgSvZXO1o_qJxoviSwt-0ENYgk8EXq2ro6_jmrt3eAoiMOP5_y0qg

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:47:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FZ5FTpACFG7CnlALYnAgjjqw2Si8lZTXAep_RzHP9fACEgSvZXO1o_qJxoviSwt-0ENYgk8EXq2ro6_jmrt3eAoiMOP5_y0qg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 1978 0
44 B 795ms
264ms Image
text/plain 54.178.139.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEGJwk5UGt-9BPD5i1Sh3x3M&google_cver=1&google_push=ASkJ3FagIvF7nsIFSrygE-esvbHlWAxjFt8TU8HIgKorQ0AZMlzpq1CtHePNDcO4kvzmlfUB6qeHwRbdhZgFNvROcPyX9eg0WcSRuA
Requested by: Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.139.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-139-24.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:00 GMT
server: awselb/2.0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1978
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEJ04TjN-KX4eVcX2AiUGhrA&google_cver=1&google_push=ASkJ3FYnnGMdq7r2H3uHlEuhoh_IwXLdUry78ZLp-wSJfwBR4Or2euz9i1Hfb9TFzlR_XRPHwAETAx-f79YniymWNSwmvdl...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3FYnnGMdq7r2H3uHlEuhoh_IwXLdUry78ZLp-wSJfwBR4Or2euz9i1Hfb9TFzlR_XRPHwAETAx-f79YniymWNSwmvdlvJ6AjCOg&google_hm=NjQ0NjE5...

170 B
188 B

27ms
27ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3FYnnGMdq7r2H3uHlEuhoh_IwXLdUry78ZLp-wSJfwBR4Or2euz9i1Hfb9TFzlR_XRPHwAETAx-f79YniymWNSwmvdlvJ6AjCOg&google_hm=NjQ0NjE5OTY5MzYyMTI2Nzk1Nw==

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:47:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ASkJ3FYnnGMdq7r2H3uHlEuhoh_IwXLdUry78ZLp-wSJfwBR4Or2euz9i1Hfb9TFzlR_XRPHwAETAx-f79YniymWNSwmvdlvJ6AjCOg&google_hm=NjQ0NjE5OTY5MzYyMTI2Nzk1Nw==
Date: Mon, 14 Nov 2022 23:47:59 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 1978
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEE3rvPwH6QhnMKnCG3KUedQ&google_cver=1&google_push=ASkJ3FY4nOi2HyvET-hMOckCyg0VAnRkmoRNqo1P9VPbr0lOurdBmZMaLrDo2fXGet6rwWqFntC-p8Dcg3Y-OiO4VHt3AxBt2QKj28U
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FY4nOi2HyvET-hMOckCyg0VAnRkmoRNqo1P9VPbr0lO...

43 B
1 KB

87ms
28ms

Image
image/gif

162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FY4nOi2HyvET-hMOckCyg0VAnRkmoRNqo1P9VPbr0lOurdBmZMaLrDo2fXGet6rwWqFntC-p8Dcg3Y-OiO4VHt3AxBt2QKj28U

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 14 Nov 2022 23:47:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Mon, 14 Nov 2022 23:47:59 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FY4nOi2HyvET-hMOckCyg0VAnRkmoRNqo1P9VPbr0lOurdBmZMaLrDo2fXGet6rwWqFntC-p8Dcg3Y-OiO4VHt3AxBt2QKj28U
x-download-options: noopen
vary: Accept
content-length: 274
x-xss-protection: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 1978
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAADkPo55x4wlEeYOK9SWjk&google_cver=1&google_p...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FbluFjo1ZR6tlXoQLhsZHZFjfq3acgGyx8YEAQm_USsTcTrGlTcf6__l1ZmYVjvWALcpDssCMISuzDqJD8DI_dS4ogd8NAYEtI
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

47ms
47ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Mon, 14 Nov 2022 23:47:59 GMT
pragma: no-cache
date: Mon, 14 Nov 2022 23:47:59 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:47:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1978
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKL0TB7yN...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKL...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0d1087f2-d7e2-478e-a467-5e48b2922e60&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

62ms
28ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0d1087f2-d7e2-478e-a467-5e48b2922e60&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:47:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0d1087f2-d7e2-478e-a467-5e48b2922e60&%%GOOGLE_PUSH_PAIR%%
date: Mon, 14 Nov 2022 23:47:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1978 0
232 B 88ms
23ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IuzvBiIfaFKIMbJgmdYY8D999VRUf1YI21de8scFe-GdG5S0uVpc2Fftae1YGveTPpQifDHAFncA

Requested by

Host: 9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
URL: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ Frame 01A8 4 B
325 B 453ms
99ms XHR
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1668469679536&sessionId=e4e48692-8d70-6c77-d57a-762aa2ca2183&url=imginn.com&cheqSource=1&cheqEvent=3&responseTime=859
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:47:59 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: a24f7fe10b1faede12c250eb2d3a988f
Content-Length: 4
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame B5CB 89 KB
11 KB 52ms
31ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jjad4g9vpv306maqqnf9v0nvqtrcc9m923g1hhr54avphmdex0drnb1b86rry5qjbzryq073dvfp2r8zmv52bykc1rqng5rc76spw97epkcaxawt45t7zfkn4esbwskd7e4kn26he90vqnr4nk8vh5e375mth2fd978f7v3zrmkjx4p6ghvfrbdqekt1ehgzs5wdfan82wwkmnbn4ke1847pt2z7e39kh5bhjpaenjfzmth2x7bejxxbkh207w7f3rkzxz3gwqy6p6hjqqpawrvmg5dn4rrgr3r20n7jfk87tvdhqswqfnd416b70a669jt0x4xb68ssd0qq0rawagje6v6jajrxm48z6tjf1961rpam7gjp5xxev44kc5t51f6y40amq96m1j9afsdjtjpa4ygmwc03966r9g024s4wd66n7et62t0yf2sz9xs2hjkr48q&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%26client%3Dca-pub-3831894559014614%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jjad4g9vpv306maqqnf9v0nvqtrcc9m923g1hhr54avphmdex0drnb1b86rry5qjbzryq073dvfp2r8zmv52bykc1rqng5rc76spw97epkcaxawt45t7zfkn4esbwskd7e4kn26he90vqnr4nk8vh5e375mth2fd978f7v3zrmkjx4p6ghvfrbdqekt1ehgzs5wdfan82wwkmnbn4ke1847pt2z7e39kh5bhjpaenjfzmth2x7bejxxbkh207w7f3rkzxz3gwqy6p6hjqqpawrvmg5dn4rrgr3r20n7jfk87tvdhqswqfnd416b70a669jt0x4xb68ssd0qq0rawagje6v6jajrxm48z6tjf1961rpam7gjp5xxev44kc5t51f6y40amq96m1j9afsdjtjpa4ygmwc03966r9g024s4wd66n7et62t0yf2sz9xs2hjkr48q&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%26client%3Dca-pub-3831894559014614%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 1059738
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76a3a2a95b3a9b92-FRA
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame B5CB 36 KB
12 KB 36ms
26ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jjad4g9vpv306maqqnf9v0nvqtrcc9m923g1hhr54avphmdex0drnb1b86rry5qjbzryq073dvfp2r8zmv52bykc1rqng5rc76spw97epkcaxawt45t7zfkn4esbwskd7e4kn26he90vqnr4nk8vh5e375mth2fd978f7v3zrmkjx4p6ghvfrbdqekt1ehgzs5wdfan82wwkmnbn4ke1847pt2z7e39kh5bhjpaenjfzmth2x7bejxxbkh207w7f3rkzxz3gwqy6p6hjqqpawrvmg5dn4rrgr3r20n7jfk87tvdhqswqfnd416b70a669jt0x4xb68ssd0qq0rawagje6v6jajrxm48z6tjf1961rpam7gjp5xxev44kc5t51f6y40amq96m1j9afsdjtjpa4ygmwc03966r9g024s4wd66n7et62t0yf2sz9xs2hjkr48q&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 565675
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBQY1sOhc1Xe1yQylpizOTRWz%2BDbuxTvgdDgE3x6%2FAZ7nSn61TNqO7mW%2FkpDYIsWJ%2FuMiG2HnD98V%2BhflKcPdn%2FQqYGYoY5r7tYlkDs0GrD9Eu%2FqEhpcrLthyJ%2BjMJnqt4ci6vk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 76a3a2a948c7bbd9-FRA
expires: Tue, 01 Nov 2022 10:40:10 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B5CB 3 KB
4 KB 90ms
35ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25373961
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2wM6FfhZov9OvKsNwnXP1aXXrbrwSIp7fULNOGVQETNik4EvRfCRljuoudzUOyIx0fHok2uIzeXD6Nbiwt4nOx1mnWygLOg7saEubHyDSsamJNtG60lguqAV0G8W4%2Bh6Wq6R%2BFZfM5FGvpcOlk2n1g6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 76a3a2aa0f95bbf5-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 41AD 2 KB
1 KB 28ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1654966
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 76a3a2a9bba29b92-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 23:47:59 GMT
expires: Wed, 26 Oct 2022 21:05:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geDdbl8LTPxvv2kKRKB74TCnvP8OvJ0nt8j6yLrjDn3woxVWXCIubRcjq4gnwT9sj70w6Li3LbUJg4K0QX4lN7oaTheLchoN28VH%2BNcLSSv1Svom9Tswri1uKvEfoquVVWViDRs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7875 42 B
64 B 95ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvEIYDQd1JoXjLgwoxcEoX2-LP3NsfNFFpxJGEDZFrQB3lMDMLDOU8t0Iz6EW0XMsMN2qmTaVQNq36NwDIRttnszgTX3dqz5bMIJIl_xx1qrrkvtgyi32bEf46zHhTwWcwwq5m4Cb_8RsrkFWkJm4dhcXUaZWQNNnkYQ&sai=AMfl-YSFoDsYfrpvg4tpt_6flUn5hEG7Aoe_Rm9AmYvQwUudfACmAydcNgUXXWH2cuiCvk7ys2S9UbyIXPYfxmM4KhZxFnG5A1soRTVzZ56LJ1fRtlFluwNUVAyiUPMNWpc2Kz4&sig=Cg0ArKJSzEmmIUmABYkpEAE&cid=CAQSPwDq26N9ZmbRv6mm084Nn_29r839IalWa1HhbEcJ9QhWP5_WBZQpR1AOTtJQyuIYJ6TdsqgyJDIzjHpHpI4cWhgBIBM&id=ampim&o=350,321&d=900,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=325&tls=1325&g=100&h=100&tt=1325&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: imginn.com
URL: https://imginn.com/redpilltotal/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:47:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame B5CB 2 KB
2 KB 41ms
41ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d950e80d3a09ebb23557dfe0081da0e88860ba6c92315e9e6a9419b578c46aa5

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDamd%2FueLQvMLhIQZ4nigqPBd1O5myOG%2FOw%2B1QysMLVdgR8EypWleXrCJqxGe6OpAmv1tJZ6XF6F87Sg06F9ges6DnrnMdDqls0QhV8NRcKCan%2BYLUaMP3a%2FnJysFduTdbA95zw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 76a3a2aa7ef9bbb6-FRA
x-backend-server: aa-reachservice-group-europe-west1-r18q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 70ms
46ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76a3a2aa3e8abbb6-FRA
content-length: 24
content-type: text/plain
date: Mon, 14 Nov 2022 23:47:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Kyecgf7Y%2BGALus%2FpOWzcA6kkOskoAYO%2FqfNY8hmEY6EBVZ33cWcLIApQRZoaWfLmq2ygyEmcbwVxhfAovblVLPKJwvmQMKc4lcx0z4BlqQ0S0a4X%2B4NZOybcn4BNeu%2FByI%2Buh8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 1514 2 KB
1005 B 33ms
33ms Document
text/html 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=03fa2eb9-282d-4c5e-8174-ac2db8fa32e5
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Referer: https://imginn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 686
content-type: text/html
date: Mon, 14 Nov 2022 23:47:59 GMT
etag: "1e015194a0e596827cb8971f884eb43c:1668444396.293448"
expires: Mon, 21 Nov 2022 23:47:59 GMT
last-modified: Mon, 14 Nov 2022 15:10:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 0158 416 B
599 B 33ms
32ms Document
text/html 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer: https://imginn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 282
content-type: text/html
date: Mon, 14 Nov 2022 23:47:59 GMT
etag: "c0311cf15c21ddda054005e92fad3f9e:1668444393.475733"
expires: Mon, 21 Nov 2022 23:47:59 GMT
last-modified: Mon, 14 Nov 2022 15:10:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 01A8 3 KB
3 KB 31ms
30ms Image
image/svg+xml 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 14 Dec 2022 23:47:59 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ Frame 01A8 2 B
292 B 463ms
97ms Fetch
text/plain 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=e85f0fcd9bec70af713316a4aeaad98a_178258_1668469679723&tm=1111&eT=0&widgetWidth=300&widgetHeight=600&widgetX=0&widgetY=0&wRV=2000944&pVis=1&lsd=03fa2eb9-282d-4c5e-8174-ac2db8fa32e5&eIdx=&cnsntV2=CPifETHPifETHBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=805&oo=false&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 14 Nov 2022 23:48:00 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: a86f818b935169d2357ab76d2b5c35c6
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ Frame 01A8 48 KB
18 KB 108ms
33ms Script
text/javascript 2600:9000:2315:7a00:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:7a00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 13:10:44 GMT
content-encoding: gzip
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: DUS51-P2
age: 38235
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: ZNnFsqIA-09_i1IWT8iV2jS9hRk6zn7pcf7WPZ6IprYGB75TBqGrHA==
expires: Tue, 15 Nov 2022 01:10:44 GMT

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame B499 18 KB
6 KB 35ms
29ms Document
text/html 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 547da37c339a2a8979e4ceff967fe62f3777f586e1e438435236c46c049f794c

Request headers

Referer: https://imginn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 5873
content-type: text/html
date: Mon, 14 Nov 2022 23:47:59 GMT
etag: "eb6f12a90369cd1799e9dcdcbd9865cc:1668326737.095418"
expires: Mon, 21 Nov 2022 23:47:59 GMT
last-modified: Sun, 13 Nov 2022 07:59:33 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0B55 13 KB
5 KB 44ms
43ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8ff6680423b2840ee05574aa6de1885edb315494e571bb8d36bb88f561e32dd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jjad4g9vpv306maqqnf9v0nvqtrcc9m923g1hhr54avphmdex0drnb1b86rry5qjbzryq073dvfp2r8zmv52bykc1rqng5rc76spw97epkcaxawt45t7zfkn4esbwskd7e4kn26he90vqnr4nk8vh5e375mth2fd978f7v3zrmkjx4p6ghvfrbdqekt1ehgzs5wdfan82wwkmnbn4ke1847pt2z7e39kh5bhjpaenjfzmth2x7bejxxbkh207w7f3rkzxz3gwqy6p6hjqqpawrvmg5dn4rrgr3r20n7jfk87tvdhqswqfnd416b70a669jt0x4xb68ssd0qq0rawagje6v6jajrxm48z6tjf1961rpam7gjp5xxev44kc5t51f6y40amq96m1j9afsdjtjpa4ygmwc03966r9g024s4wd66n7et62t0yf2sz9xs2hjkr48q&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%26client%3Dca-pub-3831894559014614%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76a3a2aafd0f9b92-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:47:59 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 eyJpdSI6IjVjMGFjM2QyNmI0MTU3YzBiZjZhYzQ1NDIzYTUxZjIzZDRhYzA1YWVjMTE0ZDllMGY4NDM0MDU2MzU0ODUzYmEiLCJ3IjozOTAsImgiOjI2NSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 01A8 66 KB
66 KB 153ms
36ms Image
image/webp 95.101.201.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVjMGFjM2QyNmI0MTU3YzBiZjZhYzQ1NDIzYTUxZjIzZDRhYzA1YWVjMTE0ZDllMGY4NDM0MDU2MzU0ODUzYmEiLCJ3IjozOTAsImgiOjI2NSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e29094749e206e8a6c9b944936f3cc55868ddaa7002775214aac03eb5e45c951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
last-modified: Fri, 28 Oct 2022 13:25:46 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1995795
access-control-allow-credentials: false
x-traceid: 7069bbae6ccb2d0bd542651459494966
timing-allow-origin: *, *
content-length: 67088

GET
H2 200 eyJpdSI6ImM1ZDY0MjgxZDYwNzk1NTQ0NmNkOTA3YzIwNzkzNTc4NTZmODJkYjJiMjNjYzgwYzZlZDI5MDI0YmRkMDhhNDEiLCJ3IjozOTAsImgiOjI2NSwiZCI6MS41LCJjaCI6ODgzNjI5NDAxLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 01A8 33 KB
34 KB 185ms
68ms Image
image/webp 95.101.201.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM1ZDY0MjgxZDYwNzk1NTQ0NmNkOTA3YzIwNzkzNTc4NTZmODJkYjJiMjNjYzgwYzZlZDI5MDI0YmRkMDhhNDEiLCJ3IjozOTAsImgiOjI2NSwiZCI6MS41LCJjaCI6ODgzNjI5NDAxLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74cce1f4229b86b69cb277157726d3919d7591ab7f64b5f1415a56bbaea38bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
last-modified: Sat, 29 Oct 2022 20:19:52 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1318353
access-control-allow-credentials: false
x-traceid: d396421e1f92bec64a8efd453d1323ce
timing-allow-origin: *, *
content-length: 34162

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ Frame 01A8 4 B
325 B 258ms
107ms Fetch
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=e85f0fcd9bec70af713316a4aeaad98a&pvId=e85f0fcd9bec70af713316a4aeaad98a&sid=8708221&pid=178258&idx=0&wId=125&pad=2&org=0&tm=1168&eT=3&cnsnt=CPifETHPifETHBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2000944&pVis=1&lsd=03fa2eb9-282d-4c5e-8174-ac2db8fa32e5&eIdx=0&oo=false&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:48:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b6b2697355002e8b4a258e9192be8983
Content-Length: 4
Expires: 0

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 0158 610 B
908 B 29ms
29ms Document
text/html 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 610
content-type: text/html
date: Mon, 14 Nov 2022 23:47:59 GMT
etag: "48053d50141031b1511dbd30f9a31288:1668444394.197136"
expires: Mon, 21 Nov 2022 23:47:59 GMT
last-modified: Mon, 14 Nov 2022 15:10:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H2 451 420046.gif
idsync.rlcdn.com/ Frame B499 0
98 B 139ms
27ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420046.gif?partner_uid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://b1sync.zemanta.com/usersync/outbrain/?puid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&s=2&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=tG4lycyModpv07Ge-imc&gdpr=0&us_privacy=1---

0
145 B

229ms
97ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=zemanta&uid=tG4lycyModpv07Ge-imc&gdpr=0&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: f9b2e90ec259c1e2e0089b9efe8844ac
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:48:00 GMT
Content-Type: text/html; charset=utf-8
Location: https://sync.outbrain.com/cookie-sync?p=zemanta&uid=tG4lycyModpv07Ge-imc&gdpr=0&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 130
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dappnexus%26uid%3D%24UID%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr...
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3112462152479183588&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

0
145 B

507ms
117ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3112462152479183588&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: cd7dea45e1e2e656bcc8f1ec6bcaa205
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:48:00 GMT
AN-X-Request-Uuid: 6d1963ef-1477-4e93-8856-d0adb64d7e53
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3112462152479183588&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
Connection: keep-alive
X-Proxy-Origin: 193.27.14.23; 193.27.14.23; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame B499
Redirect Chain

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_pd=1&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_pd=1&gdpr_consent=

42 B
942 B

63ms
52ms

Image
image/gif

52.214.5.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_pd=1&gdpr_consent=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

HTTP/1.1

Server

52.214.5.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-5-219.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0333db6ef.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: M7pH2HCcSjI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-02cc342ef.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: yiNmWCXNSO0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 set
sync-jp.im-apps.net/imid/ Frame B499 43 B
194 B 883ms
259ms Image
image/gif 52.197.61.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.61.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-61-177.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 14 Nov 2022 23:48:00 GMT
cache-control: max-age=3000
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
content-length: 43
expires: Tue, 15 Nov 2022 00:38:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1
https://sync.outbrain.com/cookie-sync?p=ttd&uid=46455199-3a10-49f5-aada-139e8aa7c5e8&gdpr=1&gdpr_consent=

0
145 B

492ms
119ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=ttd&uid=46455199-3a10-49f5-aada-139e8aa7c5e8&gdpr=1&gdpr_consent=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: c71c2d46b79bb40500234db99e09206c
Content-Length: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.outbrain.com/cookie-sync?p=ttd&uid=46455199-3a10-49f5-aada-139e8aa7c5e8&gdpr=1&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 241

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame B499 0
338 B 163ms
39ms Image
text/plain 34.253.97.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.97.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-97-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: beacon-n003-dub-prod.krxd.net
date: Mon, 14 Nov 2022 23:48:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1668469680
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame B499 43 B
502 B 127ms
17ms Image
image/gif 18.184.112.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.112.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-112-206.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:47:59 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=df94a1e6-26f9-4960-bf4c-3bca27c094b3

0
145 B

413ms
100ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=df94a1e6-26f9-4960-bf4c-3bca27c094b3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: 9e91acb1dd2a5577f37b601d62733ce7
Content-Length: 0

Redirect headers

Location: //sync.outbrain.com/cookie-sync?p=mediaforce&uid=df94a1e6-26f9-4960-bf4c-3bca27c094b3
Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://x.bidswitch.net/sync?ssp=outbrain&user_id=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=outbrain
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=outbrain
https://x.bidswitch.net/sync?dsp_id=70&user_id=5245590699115982519&ssp=outbrain
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=0d1087f2-d7e2-478e-a467-5e48b2922e60&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
145 B

412ms
96ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=0d1087f2-d7e2-478e-a467-5e48b2922e60&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: a4402c9d8f53f0fa13ee38f1b2db2d41
Content-Length: 0

Redirect headers

location: //sync.outbrain.com/cookie-sync?p=bidswitch&uid=0d1087f2-d7e2-478e-a467-5e48b2922e60&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 14 Nov 2022 23:48:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B499 43 B
363 B 135ms
24ms Image
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%40%40CRITEO_USERID%40%40

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:47:59 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 617054
expires: Mon, 14 Nov 2022 00:00:00 GMT

GET
H2

200

1011
jadserve.postrelease.com/suid/ Frame B499
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEFkdaXz92ELqVFUkIK5A28&google_cver=1
https://jadserve.postrelease.com/suid/1011?vk=0d1087f2-d7e2-478e-a467-5e48b2922e60

43 B
428 B

184ms
31ms

Image
image/gif

52.19.19.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1011?vk=0d1087f2-d7e2-478e-a467-5e48b2922e60
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Server: 52.19.19.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-19-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

location: //jadserve.postrelease.com/suid/1011?vk=0d1087f2-d7e2-478e-a467-5e48b2922e60
date: Mon, 14 Nov 2022 23:47:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7166022709969287320&gdpr=0&gdpr_consent=

0
145 B

506ms
116ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7166022709969287320&gdpr=0&gdpr_consent=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: bc6858b44f795b906b3ce91233b55795
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7166022709969287320&gdpr=0&gdpr_consent=
Date: Mon, 14 Nov 2022 23:48:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame B499 0
344 B 92ms
20ms Image
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpn7m0&uid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
id.geistm.com/m/OB/ Frame B499 0
0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://creativecdn.com/cm-notify?pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---
https://creativecdn.com/cm-notify?pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---&tc=1
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=eeQOtOJNRNwbK0Gt0DY0&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---&tc=1

0
145 B

405ms
101ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=eeQOtOJNRNwbK0Gt0DY0&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---&tc=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: ff269c0aab31cd61dbc750b46e2d07af
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=eeQOtOJNRNwbK0Gt0DY0&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---&tc=1
pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT, Mon, 14 Nov 2022 23:48:00 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B499 0
239 B 549ms
121ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6734403d2cb3625dc1fef1bbd4a17cf3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 404 tpid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame B499 49 B
265 B 196ms
43ms Image
image/gif 52.17.7.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.7.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.82
content-length: 49
expires: 0

GET
H2

204

/
loadus.exelator.com/load/ Frame B499
Redirect Chain

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&xl8blockcheck=1
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI{%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}

0
771 B

49ms
46ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI{%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Mon, 14 Nov 2022 23:48:00 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI{"attributes": {}, "agreedId": ""}
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89P...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSA...
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y3LTsC10kySiGE36_nkWXAAAFAwAAAIB&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

0
145 B

153ms
99ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y3LTsC10kySiGE36_nkWXAAAFAwAAAIB&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: e534954599cbe0a886dc03e97c535649
Content-Length: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1AX5QpCdrU7pyA%2Fg4MCnDZzfBBQdAfpXz9J0dnvokJP0gU6yVNNQePWo6v%2Bw3nRaVHl5BoiQUgoqyGfoTWlanNVFc22rksujU%2Bqyo8%2BrZNTMES173Y%2BruGHhrXvqZJZf%2FeW63Flb%2FqVlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y3LTsC10kySiGE36_nkWXAAAFAwAAAIB&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control: no-cache
cf-ray: 76a3a2af49469be9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDA4N0ZGMDgtMjNDRS00OUY5LUI0RTItODQyNUU2RTYyMjkw&gdpr=0&gdpr_consent=PM_CONSENT
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%2...
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---&uid=4087FF08-23CE-49F9-B4E2-8425E6E62290

0
145 B

99ms
98ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---&uid=4087FF08-23CE-49F9-B4E2-8425E6E62290
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:01 GMT
Cache-Control: no-cache
X-TraceId: ace05375e45ba6a0a079ef6a5652f823
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---&uid=4087FF08-23CE-49F9-B4E2-8425E6E62290
date: Mon, 14 Nov 2022 23:48:00 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 cm
u.openx.net/w/1.0/ Frame B499 43 B
304 B 120ms
18ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26uid%3D
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true
https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true&verify=true
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-n.89FLlE2uGIKaA3Rx6sWij0o6Ml0vDOshWaZhI-~A&gdpr=0&gdpr_consent=

0
145 B

97ms
96ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=oath&uid=y-n.89FLlE2uGIKaA3Rx6sWij0o6Ml0vDOshWaZhI-~A&gdpr=0&gdpr_consent=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: c9a9ff3ea0779b6a3e9b06920b91869f
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=oath&uid=y-n.89FLlE2uGIKaA3Rx6sWij0o6Ml0vDOshWaZhI-~A&gdpr=0&gdpr_consent=
date: Mon, 14 Nov 2022 23:48:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68...
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61Fp...
https://cs.emxdgt.com/umcheck?apnxid=3112462152479183588&redirect=https://sync.outbrain.com/cookie-sync?p=emx&uid=$EMXUID&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr...
https://sync.outbrain.com/cookie-sync?p=emx&uid=3112462152479183588brt51581668469680728835f1&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

0
145 B

96ms
95ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=emx&uid=3112462152479183588brt51581668469680728835f1&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: 2c488ffec647f3a57601ef5560615703
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=emx&uid=3112462152479183588brt51581668469680728835f1&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
date: Mon, 14 Nov 2022 23:48:00 GMT
content-length: 0
content-type: text/html

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt...
https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf6...
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=7ab9fe71-8f81-48ca-9d40-32638caeefee&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_priva...

0
145 B

97ms
97ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=7ab9fe71-8f81-48ca-9d40-32638caeefee&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: 75e26de3c3a712a479fdf368c43d4770
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=7ab9fe71-8f81-48ca-9d40-32638caeefee&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
access-control-allow-origin: *
date: Mon, 14 Nov 2022 23:48:00 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 /
s.ad.smaato.net/c/ Frame B499 0
242 B 104ms
16ms Image
text/plain 2600:9000:211e:0:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:0:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:00 GMT
cache-control: no-cache, must-revalidate
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: EnTBp9ERAryyJrDYri3vB2NqhVrdkoVGYOfSUrLgR4vsJWWPO8cDyQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DQLjEMrm9bMhjBr...
https://sync.outbrain.com/cookie-sync?p=smart&uid=3777080887159330028&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

0
145 B

96ms
96ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smart&uid=3777080887159330028&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: a876768bba8f29b3022e43cfb6ce4c4b
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=smart&uid=3777080887159330028&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
date: Mon, 14 Nov 2022 23:48:00 GMT
content-length: 0

GET
H2 200 c.gif
c.bing.com/ Frame B499 42 B
595 B 120ms
40ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?red3=MSOB_pd&uid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EDB6832DB80C438E92B25489B7ADF05A Ref B: FRAEDGE1821 Ref C: 2022-11-14T23:48:00Z
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 204 services
sync.technoratimedia.com/ Frame B499 0
298 B 375ms
119ms Image
text/plain 132.226.63.138
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26us_privacy%3D1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 132.226.63.138 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:01 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 397989923
access-control-allow-origin: https://widgets.outbrain.com/
access-control-allow-credentials: true

GET
H2 451 711945.gif
id.rlcdn.com/ Frame B499 0
42 B 41ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711945.gif?cparams=obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame B499 0
191 B 134ms
33ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 14 Nov 2022 23:47:59 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=quantcast&&uid=M5t4x2GbLcUozHmQPctik2HLdscon3rAY8ypm-kj

0
145 B

98ms
98ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=quantcast&&uid=M5t4x2GbLcUozHmQPctik2HLdscon3rAY8ypm-kj
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Cache-Control: no-cache
X-TraceId: a6d2fefada4c09b695cc9660034cca61
Content-Length: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://sync.outbrain.com/cookie-sync?p=quantcast&&uid=M5t4x2GbLcUozHmQPctik2HLdscon3rAY8ypm-kj
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%7BuserId%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3p...
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---&ev=1&us_privacy=${us_priv...

0
145 B

100ms
99ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---&ev=1&us_privacy=${us_privacy}&pid=562709
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:01 GMT
Cache-Control: no-cache
X-TraceId: a6cc7e51de6e743beba27950aa4d80a7
Content-Length: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---&ev=1&us_privacy=${us_privacy}&pid=562709
content-language: de-DE
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7bd458bbdd-tv5d9
expires: -1

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame B499
Redirect Chain

https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI%26g...
https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

0
145 B

99ms
98ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:48:01 GMT
Cache-Control: no-cache
X-TraceId: d74ce6625b90221f220c0c31a4977fe4
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---
date: Mon, 14 Nov 2022 23:48:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
content-type: text/html; charset=utf-8

GET
H/1.1 200 9.gif
id5-sync.com/s/164/ Frame B499 43 B
1 KB 27ms
25ms Image
image/gif 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/164/9.gif?puid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 14 Nov 2022 23:48:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 0B55 89 KB
11 KB 49ms
46ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 1059738
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76a3a2ab5d9f9b92-FRA
expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 0B55 8 KB
9 KB 52ms
34ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 682688
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gX6M453bTeCvKRk2PhXi%2Fj0rFp2Rqm%2B9rfTC2I%2BYdZFBFTRLcznSaZ30SsKiIEVwV2FxS%2BrnalZ9%2BMg7ygMNcPvpJBlWRgqirEQT%2BSC%2BqRM70U5ZvBCcuYR948iEsplIC5lXSM2ExnepQ4h%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76a3a2ab7c19bbd9-FRA
expires: Tue, 15 Nov 2022 23:47:59 GMT

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 0B55 93 KB
94 KB 61ms
54ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1821131
cf-polished: origFmt=png, origSize=155400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtNu%2F0uStIWS09ACUT37bj3StPPg13CnpdwVrs3pYyL3EmWW66pbWnjn1RdOW5IFckkqFwUX6Fczi66laSxhHikRY9xS2q5L5vtq%2BzNzE2PV1QrYqPGlvMa85OL9H9Atv51y2okvL86IWuGV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76a3a2ab7c16bbd9-FRA
expires: Tue, 15 Nov 2022 23:47:59 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 0B55
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CI-E4fTtrvsCFRTcdwodiJMBsw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668469680_c5a6b9b1-6476-11ed-adce-2234a4c513ba

0
517 B

159ms
28ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668469680_c5a6b9b1-6476-11ed-adce-2234a4c513ba
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:48:00 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Mon, 14 Nov 2022 23:48:00 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668469680_c5a6b9b1-6476-11ed-adce-2234a4c513ba
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 0B55 5 KB
5 KB 63ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1055937
cf-polished: origFmt=png, origSize=17428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4642
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 09:58:13 GMT
server: cloudflare
etag: "aa8fff6f6c7d296f039d5bcda00d5257"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxdgqGv2D7Jb%2BMTbuTsHtlzdggdSsfNzBVliCnMBP5HHcO43bWOt0bWwd2NBRlylp3EjQUvOvtkq3gZLhsdcXlSRNm9ofzWmBJ7jo4SwSmpfaYNQXA1tdsCBi3a71G8Hyn1fjfxjy0kd1OUt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76a3a2ab7c17bbd9-FRA
expires: Tue, 15 Nov 2022 23:47:59 GMT

GET
H2 200 B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame 0B55 418 KB
419 KB 41ms
35ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1903025
cf-polished: origFmt=png, origSize=725824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 428526
cf-bgj: imgq:85,h2pri
last-modified: Thu, 03 Mar 2022 16:06:29 GMT
server: cloudflare
etag: "4bc7b5f2b8f57f9439aaac8fcacf7e77"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOJWX3Oa3emJb2%2B4Mz94Y3TIEDtWTrcgS3WGhLJ2VCJsCZhwtHus31vPGiOwTF4L186qolcjj7bxob%2BXBGV875Xc%2ByU5EM9wfsQFPArh8mUA7NW0%2FU4ifggnBzzg9BPdbny7uSwD98q6Rz3L"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76a3a2ab7c1abbd9-FRA
expires: Tue, 15 Nov 2022 23:47:59 GMT

GET
H2 200 B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 0B55 26 KB
26 KB 62ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1745727
cf-polished: origFmt=png, origSize=53992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26236
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jun 2022 14:47:26 GMT
server: cloudflare
etag: "e460905652d65e6a54a57da046f52d6c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NiekF7BcKAwrMBn5CgK52%2B2QBoXhi9EaIiy03DiuNsemcp%2FxBZAHPlKkhrqmazChIiqX95ZoxIHiImn3OVI%2BuP8ssE%2BtrpSm%2Fb7Hwjj06J3aUN3WYzUqT4KHaYeaLexxv7n00IH6KzV0rK8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76a3a2ab7c1bbbd9-FRA
expires: Tue, 15 Nov 2022 23:47:59 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 0B55 54 KB
55 KB 60ms
55ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:47:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 925063
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55798
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DboJiGc8MJYo67zdyXkiBnpB6KZIfpOcXi73hByj9AFEqgJ9p6rXHkxzVYjEgBjHG5mhmL5TkYGhxc47Bge3zXgW9Cq7%2Fw0z9eUR36N5QjPkqBGp7NU6Z1aKP8pIqwGG3I9hHag9L7BuhFtm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76a3a2ab7c1cbbd9-FRA
expires: Tue, 15 Nov 2022 23:47:59 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ Frame 01A8 2 KB
2 KB 392ms
144ms Script
text/javascript 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fimginn.com%2Fredpilltotal%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=94051098699801288257101672895522131152302110889322117291276510822796&nc=0&tsf=0&tsfmi=&pv=0&cb=1668469680042&ref=&pit=0&hl=2&op=0&fs=300x600&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1563651821&at=&bid=e30%3D&di=W1siZWYiLDk0NzddLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6OSxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEwNTE2%0D%0AOTQwODksXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjEwLGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJI%0D%0ASkw4NkwyM0FDR1VoQkl3SVNTRUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9y%0D%0AODcwdXhxRngiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJw%0D%0AYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJd%0D%0ALFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9n%0D%0AOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAu%0D%0AODE4MTgxODE4MTgxODE4Mn0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJb%0D%0AMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYw%0D%0AMCwxMjAwLDE2MDAsMTIwMCwzMDAsNjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMjM1%0D%0AMDAwMTkyLjE2Njg0Njk2NzciXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMs%0D%0AIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MzUxMDAwMDAsXCJ1amhz%0D%0AXCI6Mjc2MDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LDAsXCI0Z1wiLG51%0D%0AbGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIs%0D%0AMCwyLDAsMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0z%0D%0AMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2Njg0Njk2ODAwMTIsMF0iXSxbLTM2%0D%0ALCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xMDktNjYtNzAtIl0sWy0zOCwiYywtMSwtMSwt%0D%0AMTY2ODQ2OTY3NzMyMywwLDAsMCwwLDAsMTY2ODQ2OTY3NzMyOSwwLDAsMjUxNi41LDI1MTYuNSwy%0D%0ANjkyLDI2OTIiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixc%0D%0AIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFst%0D%0ANDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDEx%0D%0AMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93%0D%0Abixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw5Ml1d&tsfu=&fst=1600x1200&dep=2&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A350%2C%22h%22%3A700%7D%2C%7B%22w%22%3A350%2C%22h%22%3A700%7D%2C%7B%22x%22%3A1250%2C%22y%22%3A250%2C%22w%22%3A350%2C%22h%22%3A700%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=U85NnUT24J&sdd=%7B%7D&pto=2721&ao=https%3A%2F%2Fimginn.com&aol=2&aot=https%3A%2F%2Fimginn.com,https%3A%2F%2Fimginn.com
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 5f5262392c5f9f5343ca091d90e41c5e656b9b7d472db0adb65341e2285ef419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1506
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 0B55 2 KB
2 KB 245ms
82ms Script
text/html 18.169.123.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kf4t4dypepb4045rv97mjdkt7x01bkxv9tw5fxrngj10zmph68r0k668esdaamzvyq89tm528td0dnwtssfgynfq0srwtj0jsw9tz3kgdx5v0e17azzp3v17n5p3xjartm66tpspm2mtgxa70b6a72t0bfdfvjn4dzk67bv0wasfwemssredy9jdabk4b348t275mzbj0zwqa8v3q8bbbvzd6xsa8brcwqavd95nf4znbf2zcbvw70jj7kqrpc45mnvr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5woneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7oneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.123.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-123-253.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 875b84e1145c7f86b0d5329d0c1e0caff48994fbdd3edeaa3f273788c5d46519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:00 GMT
last-modified: Mon, 14 Nov 2022 23:48:00 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 14 Nov 2022 23:49:00 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame 7636 44 B
875 B 176ms
41ms Document
image/gif 94.130.160.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.160.79 Karlsruhe, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.79.160.130.94.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Mon, 14 Nov 2022 23:48:00 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H2 200 link.html Show response
track.webgains.com/ Frame 0B55 2 KB
2 KB 223ms
84ms Script
text/html 18.169.123.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hdg0s4ammw26mspg1pjt66dxf0kxh7xhcz7rx8s7xtzjer9dqtxxb1vk16vtvshxr059gbpaevsft7hajww97vy0n76vgzhh8h0yf1ayj40gqby3pa29t5f0zswdb00440td1xbc9t82vhz706dganhvmcs34690k7jtv6b1gcgbgsxkr9101rbaf4sdc29c9sktfjcd6pbshhegf9ve7g8g0axmqe06nrtjez9n7sbj23c43272qqx57mpa8ff88ft4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.123.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-123-253.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 1e864f96f6a5002e8d278c67994bec488906c1a9c715348e86b4f2622aed3ab7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:00 GMT
last-modified: Mon, 14 Nov 2022 23:48:00 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 14 Nov 2022 23:49:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 0B55 85 KB
31 KB 154ms
22ms Script
application/javascript 108.157.4.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kf4t4dypepb4045rv97mjdkt7x01bkxv9tw5fxrngj10zmph68r0k668esdaamzvyq89tm528td0dnwtssfgynfq0srwtj0jsw9tz3kgdx5v0e17azzp3v17n5p3xjartm66tpspm2mtgxa70b6a72t0bfdfvjn4dzk67bv0wasfwemssredy9jdabk4b348t275mzbj0zwqa8v3q8bbbvzd6xsa8brcwqavd95nf4znbf2zcbvw70jj7kqrpc45mnvr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5woneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7oneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-61.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 01:20:59 GMT
content-encoding: gzip
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 80821
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: eM9UF2Yg9j4b57fQlDukIIIpCYeCuEOtjVtNs0uarkhnKASifnhMPQ==

GET
H2 200 1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame 0B55 55 KB
56 KB 153ms
21ms Image
image/jpeg 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1668469980&Signature=Z~XpEaJY8AbSUn55jovCtbP0zSzy4D5Tu0BgDadMMtpCtIJB9RyrWE8ZgPxFSQ3WLnHE3OYCwgnKRk~f2Mx1Sj9c3GhGjdvKB0GdbGPMzjfiuANvJGU11VjKnXFlJiuHRiFpFdHl-hB9Kl-Lq0HcnoYgW1uTnkKcC7McQFXRasd04x9uDq2MvYgsu3h~6v~cKDEmCJiK81qR73Z3PRUqDZXjpwEAOAKorc9nn-7rLh5457oigEaioe5vcI1d5qV6azE6P3Y4nEpeqFAQtLHQTIW4hpzvc1jGDH88Pg7PT6g4MwHooq5UCY9VSetAAYu8OrGlILt1Bg60u~huvc5gAA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 14 Nov 2022 06:16:57 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 63064
etag: "4e56b45a1411ee8d71fc40bc011df5b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 56674
x-amz-cf-id: l5_WZ_ZXg3vaTQx6qJFDVwkd9aVtCgCML35AjVuYpmBiJsCRgnyCpw==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 0B55 15 KB
15 KB 181ms
49ms Image
image/png 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1668469980&Signature=iVlXFD8kY61w4WlYJ2l7BCTwJVIDIv42svUhb7EDivp-xANciT3JVhm7k9QKcep1yoi7eFTgtpfDXe~YffHR7Kun9QrqIxoVboTnah6PAyFAkFltfilZxkZAiyD4OBg4rginhzLYt3LnT824B3cshA5qEz6ogNCswBcFf-HC2u2eR3y-AmI1kI3KJcwFXLxWm2aclzvCEs56t0kMg675bVJC6u4kYVzDVAaZ130W9nGwoJhGMZsLIPBpGpXMSbhqGbjzT1G6wiqAj7G0blnUDSQaN9L1VTMC6Yz~dFIyXx~2sTVw9GUx9lGlcQR2L2dAsVVbNZwxwBOr9-OGJk2aKg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C182475%2C197862&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=728&d=90&e=&g=6106844027ecddf303e9f2e85cf89cc8%2F16726329374626336861&i=25174%2C65760%2C71725&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1668469679777&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kvefdwty0vjwm7efrxrz7s2bbz38c7j3js6yfrk21yyrpyfpfxw3k7mmv9phe5cg4fv5wxwd04mqwgkf96s50raf6rze0m4ekrf26sxetqbxjs45qrg406d64thxnq1vfehae9h8w3m6ne9t4d9xgmzfgjk5ynhk8z0t3jwbmtdkd7bzk3wtgk4tcdtcps7eejq57qe3wjmw01c9kjrpwk8te7gy7avercc1d2rjqc0jnnzs8sc3kjh1n05en43zsmnggtkjmg5c3fdkz8x3t39%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH3_1rtNyY7e0Ftfgx_APx9yY0A6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLAeGZwSV-xPuACAKgDAaoExwJP0Ahhh4bKk9J1cuJ86oCNxztF6pupf4AgPp40vUSHMDTi8zW738PzeVYWWtpap7vXJCmhsmFmFOieXV2zflRM8amA94lOg75698CF1rlN5fmgsxOFQJ3TIwIvanPlHeSUhoBVjjqbNGTdlhglYStA-nLEOubZ1-bczAaNnAfNIB-07cPBBLRCDBUEYqO3At4DWOeYNTwZTtWZeyvQM2-ZWW-JqYf9c9OeI_IWZiPiah72LL7z5u3v2oVSvCIFe2U2KxVhoW7n_AmvdLz-yzIdY1olionZmHDZ9FGO_nlwqCgsAQRF_qR7wVhknI3jqynae9YEWbf5BoYyBvMhvvP9_ya52flQ74IGUAsdRwFhSXKPCrV74C8WP5ILEbbPbWU7Ob6VuGGykJ5_fqXZppvekVehRQjN_1-ULp8MBzXxn3qDPFiQqP7gBAGABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTI1NTkzNTIyNjM4NjY1MjD6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3yf2fDw1vDczvpCp8SC8bfndgBcA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 14 Nov 2022 03:47:32 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 72030
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: vfQSx8ETxNC7O8DJO8lLtavxod074_avoXMfjq8L5JM6f4qbyd-RxA==

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ Frame 01A8 43 B
79 B 131ms
120ms Image
image/gif 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136ce6c333e341829d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65337fd78afe6d4e3474fbe498dbd39e821da61c45085052aae2d05f91e44042e9e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1f08f77f6aab90107aefd9fb64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0ecf7ddebb7487cf72dbebeab215137efdb62c4bd47b7454102810b5dd683d9c981b2c527df21d6deedc85ec54d5814aa5f0ddb92921c71d7e974aa00bc971acc26a92a151855cf35b857dc96f47cbc846ac046a7c19ccc7780191c2df6511158724532c6a16cf955d3ca952fab9073f0862fd4cfa9b03d89b7a7073530c8f95947caba051a5aa7a2a224f82890815df3fd2fb07bbc329755c817d4a120da1c27e5b28f65393b7c1e290d5c0bb7e78c6ebf1ea5165c493b8cc15dc38a4a1ef4b9c3a8f93dd0e7e0e094bbfab30d1a7e8818c3e81d37dd1477119321182470e438ef6413c2a6&cb=1668469680479&cri=U85NnUT24J
Requested by: Host: imginn.com
URL: https://imginn.com/redpilltotal/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Mon, 14 Nov 2022 23:48:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4F8F 42 B
64 B 89ms
54ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYA9GShyIuI9Kh3fSMhNDWBHG7T5AXPcvZElEk-7rKSBmyAzIq_-sDBzFdch76r4vKh2nbOs3eDaGC8Wz7-_9aslji&sig=Cg0ArKJSzGjAwSDYkMmNEAE&cid=CAASF-RonXNIxBzOv2SO8DQFbXVZi5MVDnHC&id=lidar2&mcvt=1143&p=1110,436,1200,1164&mtos=1143,1143,1143,1143,1143&tos=1143,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2434620774&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668469678639&rpt=1678&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:48:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 36ms
36ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f63984aebef1da95a98793dbd65a3cda67324e7302bac589000151ea3e4f2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11107
x-xss-protection: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 0B55 16 B
232 B 68ms
67ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Nov 2022 23:48:01 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 132ms
29ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 14 Nov 2022 23:48:01 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 0B55 16 B
232 B 90ms
90ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Nov 2022 23:48:01 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 123ms
29ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 14 Nov 2022 23:48:01 GMT
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Nov 2022 23:48:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4EDC 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imginn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:21:35 GMT
expires: Tue, 14 Nov 2023 23:21:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 523C 783 B
535 B 38ms
36ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

76a38f7293df1746a04b830d6197905bdeca2d5800da04c45833774447cd1c48

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e9ajI3Ir5-kIKIxS9l0Qkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imginn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-e9ajI3Ir5-kIKIxS9l0Qkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:48:01 GMT
expires: Mon, 14 Nov 2022 23:48:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EDC 36 KB
16 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 09:59:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 523C 0
0 50ms
50ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111001&jk=3458667185244936&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4EDC 0
10 B 20ms
16ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZEDlww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:48:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ Frame 01A8 4 B
325 B 380ms
96ms Ping
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://imginn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:48:02 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 8f685dfd8fd7f8a7e4ff1ee2ddd55008
Content-Length: 4
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
51ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111001&jk=3458667185244936&bg=!9Pel97PNAAbvMpMzzzI7ACkAdvg8WtPg_u3QkWAkym5Pv5QfV5cD5x8RaOuzoW-RudTqugKJR6YLowIAAABzUgAAAANoAQcKAEM997Q3Ze5OfzJVCnlrasE6FatdKnqpUJ7Of5Q-wUEmsAXk40AyyWkRpdNjI42zazBvMruOdGdhlllKJ38tYd5hLI2amQKYI4LpOJm06AjzwmLZDQn59g-XKc50h6wtHFKbTq41UwnF0yTuaMvgpF2mrAtT9N-V0S0PHWjPtAmn_rzR9whM96HcQ4HlbwEgfzj8ah1K552pPw-VLOqZ_tmhoe4nfn21jeQjkHUh-bUB2_1niAF7Mh4EzT9dkZsoVCERN9Ml8iwgfnKx6Y3__voJL1rssnR6nfmF2MlO04Uj9XDd7P8OXQbPuMCXSkkpI_6GyoeM2DIB-llmzAMXbue0yFjkmJ3C9OpY77HIN6LtIoag_Vr0-Y7I4jvO34lIjtGEYK3YboTQI_Sqh8RUXXZaYdEsUOSrThR9F6F1YlwlXifhg-T2RZkiY0Tj2QjHoFcpptD21tFXQqNNEgVTznPGvxhElQW1FR7KmbCNMSFFUdT5NGMaIBFvQj107b7FW2I4NbSoXggL3MXvcdGoKC0BF7d1FgDCXloGB2Ma95DyZ8zzHKEo8Nl5aa4LDz6n511Cf5nIUpvj-fdDQ-96GP_RxO7C8SndD3Wc845aw6-H0fGBzuffB1j9rSlV6VpzUIs_ZX-iBi_NCNNiNax4thppzmqLmnjwVzql39v-_3V23luT3O24Z0Rt1J2cx_Ob-WwH1sN0-_x32ekjxnH0Wuvw_b8NjxA0qur4wIvH__KUBdWA6E5g18GnsZW2KXPAX25CTQfHbmkosaC0a1PgkqnzeYfAGZWjSPVMrys6SszstFzOONU7Mf8TAhmaygvm6l9uGUIiKTqb6rwFkTbcWuqCoq7y2Zafb_XW9vWx1SvHAFwDUCv6F-ESb86LsQgJYoPiYkUNmLrRalcH3SB90DfMqSgRZjZ7IZzcXI2CwLDmBk8QkDgfwcLJcob9md7B3pfqXKWUWaVWF5KTOl3LPw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 114ms
31ms Preflight
application/json 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fimginn.com%2F&domain=imginn.com&gdprString=CPifETHPifETHBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://imginn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://imginn.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 14 Nov 2022 23:48:02 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 537405
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET

sid
mug.criteo.com/ Frame 8246
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fimginn.com%2F&domain=imginn.com&gdprString=CPifETHPifETHBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E...
https://mug.criteo.com/sid?cpp=BMWwaXxyNlI2RythcEk1R0lUQ015ZGEyV1VUOUV5UmwvdEZ1cnFlRGtyQXpyUmNWMURrbU4wa0VNQ0Rlb2FBbG1aZWNtejZicHQxa1NWVGNQNnA4SU1ab2pzVG45cjlZcU5YS3hFMGhnQ3ZqQ1M3aFlUdHlTZWVjdktNMl...

0
0

GET
H/1.1 200
OK cksync.php
cs.media.net/ Frame 8246 44 B
410 B 114ms
36ms Image
image/gif 95.101.200.23

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.200.23 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imginn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:48:03 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 44
X-MNET-HL2: E
Expires: Mon, 14 Nov 2022 23:48:03 GMT

OPTIONS sid
mug.criteo.com/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQLWG6pNgKz58VE4HDzON8cZUDHwhM5DEqcwv1CvlTJH-gwVenHKpmdeyKeCxWzchki7bfpyRyktPhIiZbSaCzBJrGVZ5TxVRzvovTe2OI1sLsvSPWpNGH6jmFdl87IuxCaNyEHQ-JYITrFPkEYYpzMO-Rgo-8TGIvUujf-PK9OLSEJRBio4i9N0ZAQZWsZrYfMiSztSieBgxqsOhGZVtmCfuv_3PtsrvkgyAGBHB-JiuV-6BiF60bvRqWndENzAzlx5Vy5Ac_Gk6Jsuu2L4J6Q5lUAPQEvG-vLnD1w9WDn5PlE24Bx25bxcQyx6qS4iJhkqBSE7s9Y3vANtFmBPQP6ZM_waORCXGASyuCFlIDDAzg6_ldLsgdc2Fd91joZrEEpQ&sai=AMfl-YSXegphbojAz4_xp2h_-64Ax3ZJiIbWGEljPJFA024XBOgXPQW8LmWUbPWHRbSbCjE5GGZJSTK6jaaziN-XGvH2TJ7_JKZUrcv8o0bo3eBsPO-UQBfQ3kt2-QljR-TSndzYJQ&sig=Cg0ArKJSzL0rmuv1WTmVEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: id.geistm.com
URL: https://id.geistm.com/m/OB/QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=BMWwaXxyNlI2RythcEk1R0lUQ015ZGEyV1VUOUV5UmwvdEZ1cnFlRGtyQXpyUmNWMURrbU4wa0VNQ0Rlb2FBbG1aZWNtejZicHQxa1NWVGNQNnA4SU1ab2pzVG45cjlZcU5YS3hFMGhnQ3ZqQ1M3aFlUdHlTZWVjdktNMlB1YmFndlorcXpDLzk0Q0d2WXZyNjBXdDFITXpwQmtuZzhIcWdlVUVPa3ZSb1h4dS9kRENmYXAvUktpL0pvalhYYlNyQTN5RzZGUFRkRS82T3FjbzhaUGUxa3JUT2dnUFBLN3hUdWVoSERlUHZ3Ym5ROFhJPXw&cppv=2

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=BMWwaXxyNlI2RythcEk1R0lUQ015ZGEyV1VUOUV5UmwvdEZ1cnFlRGtyQXpyUmNWMURrbU4wa0VNQ0Rlb2FBbG1aZWNtejZicHQxa1NWVGNQNnA4SU1ab2pzVG45cjlZcU5YS3hFMGhnQ3ZqQ1M3aFlUdHlTZWVjdktNMlB1YmFndlorcXpDLzk0Q0d2WXZyNjBXdDFITXpwQmtuZzhIcWdlVUVPa3ZSb1h4dS9kRENmYXAvUktpL0pvalhYYlNyQTN5RzZGUFRkRS82T3FjbzhaUGUxa3JUT2dnUFBLN3hUdWVoSERlUHZ3Ym5ROFhJPXw&cppv=2

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie	1970-01-20 07:27:53	Name: thirdparty Value: yes
.imginn.com/	1970-01-20 17:03:49	Name: _ga_8QBYR6XXV4 Value: GS1.1.1668469676.1.0.1668469676.0.0.0
.imginn.com/	1970-01-20 17:03:49	Name: _ga Value: GA1.1.235000192.1668469677
live.demand.supply/	1970-01-20 17:03:49	Name: demandSupplyTi Value: 175689ca-0a0a-4384-9344-268d1cf4b912
imginn.com/	1970-01-20 08:11:01	Name: _pbjs_userid_consent_data Value: 8695169472824064
.imginn.com/	1970-01-20 17:03:49	Name: _pubcid Value: 3cc9c70c-88ae-4414-a0f0-66b1782cfe85
.imginn.com/	1970-01-20 16:49:25	Name: __gpi Value: UID=00000b81878b65d8:T=1668469677:RT=1668469677:S=ALNI_MYXrdDdCmdj7SbDHtB80P3_owbsaA
.h12-media.com/	1970-01-20 08:51:09	Name: 7thMile Value: f088581b%2D2efa%2D496d%2Dba4f%2D894ce0003ecc
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-20 17:03:49	Name: E Value: AOp4fREBRAfnwEMP
.doubleclick.net/	1970-01-20 16:49:25	Name: IDE Value: AHWqTUkrolTJTrnfXKNE13mdsYhRnwSEfZ1AY5H6geCzj9W2haSSTUkPthRuVyi31vY
.imginn.com/	1970-01-20 16:49:25	Name: __gads Value: ID=c1b1c35ff248fe47:T=1668469677:S=ALNI_MYK6spS-hPuZ1r__zbMH7Iy4HuppA
.bidswitch.net/	1970-01-20 16:13:25	Name: tuuid Value: 0d1087f2-d7e2-478e-a467-5e48b2922e60
.bidswitch.net/	1970-01-20 16:13:25	Name: c Value: 1668469679
.bidswitch.net/	1970-01-20 16:13:25	Name: tuuid_lu Value: 1668469679
.de17a.com/	1970-01-20 16:06:13	Name: guid Value: 1.6301177561924025390
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129TIwCcny0_WOMEkNS44wcswMdc8ocgQAItiSnB4AAAA
.rfihub.com/	1970-01-20 16:49:25	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129TIwCcny0_WOMEkNS44wcswMdc8ocgziNTQzszAxszQztzQ3NnvFiMoHAL2AZTE9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjMxMTO0tDSzNDYzMjQyM7c0NRfiM9QtjPTJTLfICQt1tcwBAAPZGcolAAAA
.rfihub.com/	1970-01-20 16:49:25	Name: rud Value: H4sIAAAAAAAA_-MSNjMxMTO0tDSzNDYzMjQyM7c0NRfiM9QtjPTJTLfICQt1tcwBAAPZGcolAAAA
.outbrain.com/	1970-01-20 07:27:51	Name: obsessionid-p178258 Value: 8753213f-046b-5fd7-0000-0184788ae5e2\|0\|1
.outbrain.com/	1970-01-20 07:27:49	Name: recs_55f25f895c5ec5f9a6354238d3aba33a Value: 0B4491990395A4488630001ACD1
.outbrain.com/	1970-01-20 09:37:25	Name: obuid Value: 03fa2eb9-282d-4c5e-8174-ac2db8fa32e5
.id5-sync.com/	1970-01-20 07:27:49	Name: cf Value:
.id5-sync.com/	1970-01-20 07:27:49	Name: cip Value:
.id5-sync.com/	1970-01-20 07:27:49	Name: cnac Value:
.id5-sync.com/	1970-01-20 07:27:49	Name: car Value:
.id5-sync.com/	1970-01-20 07:27:49	Name: gdpr Value:
.id5-sync.com/	1970-01-20 07:27:49	Name: callback Value:
.adnxs.com/	1970-01-20 09:37:25	Name: uuid2 Value: 3112462152479183588
.agkn.com/	1970-01-20 16:13:25	Name: ab Value: 0001%3Asu6NZoyj4%2BG7yVom%2BbMU4JAVYZkzfHiA
.adsrvr.org/	1970-01-20 16:13:25	Name: TDID Value: 46455199-3a10-49f5-aada-139e8aa7c5e8
.krxd.net/	1970-01-20 11:47:01	Name: _kuid_ Value: PMwFyDWu
.adform.net/	1970-01-20 08:11:01	Name: C Value: 1
.adfarm1.adition.com/	1970-01-20 09:37:25	Name: UserID1 Value: 7166022709969287320
.demdex.net/	1970-01-20 11:47:01	Name: demdex Value: 25581261748543342713251429893567745497
.eyeota.net/	1970-01-20 07:27:50	Name: SERVERID Value: 20994~DM
.adsrvr.org/	1970-01-20 16:13:25	Name: TDCPM Value: CAEYBSABKAIyCwjWg_rSrKmjOxAFOAE.
.adform.net/	1970-01-20 08:54:13	Name: uid Value: 5245590699115982519
.dpm.demdex.net/	1970-01-20 11:47:01	Name: dpm Value: 25581261748543342713251429893567745497
.mfadsrvr.com/	1970-01-20 17:03:49	Name: tuuid Value: df94a1e6-26f9-4960-bf4c-3bca27c094b3
.mfadsrvr.com/	1970-01-20 17:03:49	Name: c Value: 1668469680
.mfadsrvr.com/	1970-01-20 17:03:49	Name: tuuid_lu Value: 1668469680
.creativecdn.com/	1970-01-20 16:13:25	Name: u Value: eeQOtOJNRNwbK0Gt0DY0
.creativecdn.com/	1970-01-20 16:13:25	Name: ts Value: 1668469680
.postrelease.com/	1970-01-20 16:13:25	Name: opt_out Value: 1
.mfadsrvr.com/	1970-01-20 17:03:49	Name: ssh Value: !outbrain,1668469680
.simptrack.com/	1970-01-20 09:37:25	Name: ntm_tps__4011 Value: NNDNKZch6Se3QQKYwwsKT3yfI4sbP3rQv_4ArhdVJFhr4mWEikxgVfHLHeV-ECaAg-r8oXqs6FUG85yM93G-ciIGD_0927P39jk0RgVcVd7FaVz-eHDLiOdf-O46jdFwJ0t2v_qOC_zQ_IMXpn_GkmxAe8ngC-LPsFPvnafi2vedZqFmOtW-VnMsAoukSZgFlOLe2gnvUPYrmQpdZSj8mij78hOKEfa4h_ouJwpdRUkh27RdQ69RMHRkR61xBgE6Xph8_TPOZRiHGB2TNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 09:37:25	Name: v0rur7gqspb3_uid Value: 52c4dff2191f1732
.zemanta.com/	1970-01-20 16:13:25	Name: zuid Value: tG4lycyModpv07Ge-imc
.zemanta.com/	1970-01-20 16:13:25	Name: obuid Value: QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI
.awin1.com/	1970-01-20 07:37:54	Name: awpv11938 Value: 412871\|1668469680\|c5a6b9b1-6476-11ed-adce-2234a4c513ba
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.exelator.com/	1970-01-20 10:20:37	Name: EE Value: "6785e5f6d298777b5643e1b8cdea7d05"
.casalemedia.com/	1970-01-20 16:13:25	Name: CMID Value: Y3LTsC10kySiGE36-nkWXAAA
.casalemedia.com/	1970-01-20 09:37:25	Name: CMPS Value: 5132
.casalemedia.com/	1970-01-20 09:37:25	Name: CMPRO Value: 5132
.exelator.com/	1970-01-20 10:20:37	Name: ud Value: "eJxrXxzq6XKLQcHM3MI01TTNLMXI0sLc3DzJ1MzEONUwySI5JTXRPMXAdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAfEl%252BUWb6IhfXxUUpaQyLSopPBR%252BycQUAlQ8pxQ%253D%253D"
.congstar.de/	1970-01-20 07:37:58	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1668469680_c5a6b9b1-6476-11ed-adce-2234a4c513ba%22%2C%22sp%22%3A%22awin%22%7D
.c.appier.net/	1970-01-20 16:13:25	Name: _auid Value: DmBR8pKcAPmAFnmwsNNyYw
.c.appier.net/	1970-01-20 08:11:01	Name: _gu Value: CAESEIoYDr8JDxs7noO6Ja0cqkg
.casalemedia.com/	1970-01-20 09:37:25	Name: CMTS Value: 2176
.emxdgt.com/	1970-01-20 08:11:01	Name: euid Value: 51581668469680728835f1
.pubmatic.com/	1970-01-20 07:29:16	Name: KTPCACOOKIE Value: YES
.yahoo.com/	1970-01-20 16:13:47	Name: A3 Value: d=AQABBLDTcmMCEAvJB15kdCAHEdURldv9cHAFEgEBAQEldGN8YwAAAAAA_eMAAA&S=AQAAAqOd1I2mQtZwCl0G5mwFLZc
.pubmatic.com/	1970-01-20 09:37:25	Name: SyncRTB3 Value: 1669593600%3A220
.pubmatic.com/	1970-01-20 09:37:25	Name: KADUSERCOOKIE Value: 4087FF08-23CE-49F9-B4E2-8425E6E62290
.analytics.yahoo.com/	1970-01-20 16:13:25	Name: IDSYNC Value: 195n~28an
.emxdgt.com/	1970-01-20 08:11:01	Name: eapn_id Value: 3112462152479183588
.360yield.com/	1970-01-20 09:37:25	Name: tuuid Value: 7ab9fe71-8f81-48ca-9d40-32638caeefee
.360yield.com/	1970-01-20 09:37:25	Name: tuuid_lu Value: 1668469680
.bing.com/	1970-01-20 16:49:25	Name: MUID Value: 17309F26CCDC6BD6249F8D7ACDDC6A91
.smartadserver.com/	1970-01-20 16:58:04	Name: pid Value: 3777080887159330028
.quantserve.com/	1970-01-20 09:37:25	Name: d Value: EAIBDQHJJ9iaswA
.quantserve.com/	1970-01-20 16:58:04	Name: mc Value: 6372d3b0-d6e8c-fdc92-755fd
.pubmatic.com/	1970-01-20 07:29:16	Name: pi Value: 160065:3
.pubmatic.com/	1970-01-20 09:37:25	Name: chkChromeAb67Sec Value: 2
.technoratimedia.com/	1970-01-20 17:03:49	Name: tads_uid Value: GDPR
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 0afd547b8b884269
.mediago.io/	1970-01-20 17:03:49	Name: __mguid_ Value: f5dafa7b602377b61d3ae9727177a241

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/420046.gif?partner_uid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.geistm.com/m/OB/QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=QLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/711945.gif?cparams=obUid%3DQLjEMrm9bMhjBrkpYlYB3pICSeupyf61FpDzt1E3E89PPTHKHhJSAioZj_k68lnI Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9dee76a54df75e52b6615f1617674010.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
analytics.webgains.io
api.demand.supply
api.webgains.io
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
banner.congstar.de
beacon.krxd.net
bh.contextweb.com
bidder.h12-media.com
c.bing.com
c1.adform.net
cc.adingo.jp
cdn.ampproject.org
cdn.id5-sync.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
creativecdn.com
cs.emxdgt.com
cs.media.net
d1.imginn.com
d5p.de17a.com
d9.imginn.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
f.h12-media.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id.geistm.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imageproxy.pimg.tw
images.outbrainimg.com
imginn.com
jadserve.postrelease.com
live.demand.supply
loadus.exelator.com
log.outbrainimg.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mug.criteo.com
odb.outbrain.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prod-rtb.ad4mat.net
ps.eyeota.net
region1.google-analytics.com
rock.defybrick.com
rtb.mfadsrvr.com
s.ad.smaato.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
sync-jp.im-apps.net
sync.crwdcntrl.net
sync.inmobi.com
sync.outbrain.com
sync.teads.tv
sync.technoratimedia.com
tags.h12-media.com
tcheck.outbrainimg.com
tm.simptrack.com
tpc.googlesyndication.com
trace.mediago.io
track.webgains.com
u.openx.net
ups.analytics.yahoo.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
id.geistm.com
mug.criteo.com
securepubads.g.doubleclick.net
www.googletagservices.com
104.18.33.19
108.157.4.61
108.157.4.74
132.226.63.138
139.162.78.222
142.250.181.230
146.75.118.132
147.75.85.234
148.251.139.77
154.51.131.137
162.19.138.120
168.95.245.2
172.217.18.2
178.250.2.151
18.158.8.202
18.169.123.253
18.184.112.206
185.172.90.252
185.184.8.90
185.64.190.79
185.64.190.80
185.86.137.121
185.89.210.212
193.0.160.128
198.148.27.140
198.47.127.20
20.127.253.7
2001:4860:4802:32::36
213.155.156.166
23.203.81.208
23.35.237.56
2600:1901:0:76b9::
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:211e:0:1b:5138:8a40:93a1
2600:9000:2315:7a00:1a:ba5c:3900:93a1
2606:4700:10::6816:3556
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4675
2606:4700:20::ac43:4a81
2606:4700::6810:8516
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:828::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:2638::1c
2a06:98c1:3120::3
3.11.224.13
3.124.210.90
3.126.119.91
3.126.56.137
3.127.178.250
34.107.148.139
34.253.143.131
34.253.97.99
34.254.143.3
35.208.249.213
35.244.159.8
35.244.174.68
37.157.6.246
52.17.7.52
52.19.19.12
52.197.61.177
52.214.5.219
52.223.40.198
54.178.139.24
64.202.112.159
64.202.112.95
66.155.71.25
8.43.72.98
85.114.159.118
88.221.169.78
94.130.160.79
95.101.200.23
95.101.201.170
06a73988ed7fd76538a93e5edc0ce2051beb4212273cc6f851e70ea7895a7f2c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1e0076e3fc0353ebc866aa21624657a4518b7bb1839f2942229ed2e0231d1d
0e040d9bb933ec25617a5ec12afdec4410436a5eb8e0576e4afe332bef639017
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
141e849165cd8090d15cc89114aea9cad9b5cc3118447d726bfd68a5459deadf
150731097870b1b874277f0ee35629d7794343297d59abcd506896bc22ceb397
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
16863a43424f9a800f3f34d2619e1c82d8eff7667cb9aa25c0f59860f4fa3b84
18ec574fe917630fd9df93a35c4216e4f8890b31f684aaaccc6a996ea80e914d
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1e864f96f6a5002e8d278c67994bec488906c1a9c715348e86b4f2622aed3ab7
20b9faf0a1075c86d286466cc7bae8fecce7ed7f77950725ac4a104bcd372656
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
35287759c1bb8a0c417a1c6d70588c9be6eb2e1e8dedbf470bb0d067121e9b5d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3cc636f73406bd9f7fb945f29612f41773083aaa22ae8b55780cce683562bd22
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2
3f63984aebef1da95a98793dbd65a3cda67324e7302bac589000151ea3e4f2d7
41df50007faa5aad94ec57c8b1f72fba96f597cb319dbc510fe20fcf1f2658d1
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
547da37c339a2a8979e4ceff967fe62f3777f586e1e438435236c46c049f794c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e977eaf7c98d61835e202428b94a8ca4f10154387eaf269bc904df9de9af58
5a1ef48939ea1a4bfab6d25507bde4058f9951b32e3fad915a6266b4ade67967
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5ee6904378bdf00436ee2dcc0f10ec700e6a55bc61bd24607221dc3cc190e379
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
5f5262392c5f9f5343ca091d90e41c5e656b9b7d472db0adb65341e2285ef419
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
66adfc7279b166d725ba696e4d8b8994792e794d147506001eb9339187f59afe
74cce1f4229b86b69cb277157726d3919d7591ab7f64b5f1415a56bbaea38bb9
76a38f7293df1746a04b830d6197905bdeca2d5800da04c45833774447cd1c48
782da8a59941de0266c3a8162002fe463a77883792ffa306a55fa37b8fa9e336
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7c180926a85235a5bb38cb719283ded9a7fc7ce63ab91b22505cb37f2fcb2d5a
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82e96ef9e08b529eac3fc86c07cd82f964ca112b0f138332071e4627c7231d27
848360150c7285fb18cb4639a4bb09a3664499b3076d27648f1fd1ff8a7f538f
848afece293e33a9dc72a80debcc45dd05a876526abf98e38c41860d1e206232
84b16097060c4586078b11c5873ce45d8937a20a5d1140cae9ed3ca17aa20f50
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
875b84e1145c7f86b0d5329d0c1e0caff48994fbdd3edeaa3f273788c5d46519
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e
91536a3dab256af4292836001aba786855362d053e6c9ff685417eb6af96e8c0
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92bb079b55aa19bd93a85c1c0415bc038370d84deacd1dfd95806a13e8994591
92f6825696eda486521445ee4f77e59a695b04968b6037a3353fd45d597d7323
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7a307530f2a8d7af49722aa2af29a1be30b9964b0dde8e3a476504ec9b7aa8
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a048aa5581bf109b05a3ec777fabfb048245627905e3e96c4d74133c32150920
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b8321cad8a8bc5bea0c364d709ee00052a3af19560cfb043b349abeba4be1789
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bab2187896fa9c8336df4aaa1ad72ca029fba689ba5ce2d25e297f4879f87695
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c120f2b8218374bdf08e1bf32f608e4f24c823f65c84cd892c4528cc55871436
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c980dc996e63eadf337ea26aecc48561a92c4a4ca35d588e124c2223e540779a
c9a302a481f32738ecc2f5131539dfb5deaf5f2ab0e8ac006effbdd3c314a1e8
cac43dd484c5797fee6667c226821a8154f536b03954350ba1f65f1b84caaeb8
cce38ba80d59539bcb517cd5f92722349ca63303b134ca7927babddff4c484bf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d686d2f49f1fba79a674b60c9d0a407df8422f81257bf4003e728be85fbec9e2
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8ff6680423b2840ee05574aa6de1885edb315494e571bb8d36bb88f561e32dd
d950e80d3a09ebb23557dfe0081da0e88860ba6c92315e9e6a9419b578c46aa5
dd38995d00af7a748b4a4a9a7d9439116ee62cc2d4a8be5c8f86df0047fd671d
ded9bbd84fd5be11b23446f19f8e83dacbf9c58a06f530d805561717efa63dfc
df306020bc7d1efc6e5ce7799ebf7804da32acac4faf3e437757ca987cedf770
e29094749e206e8a6c9b944936f3cc55868ddaa7002775214aac03eb5e45c951
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e8d1972826d6114a57e61adcc655f163f80483121da01b62b68882f0758db642
eeb45246a81b226384e7e5abe2e4af60784c829afc0bc44ff7a96e480d477c20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1fc55bfabda12b99254d50bf4d409ac064aaf04fea89c7f2c4bb2b4d2f228e
f076553a482cb14e0c96bdeac2ddbcf60231354c7938746166d30a6f95612d32
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
ff047e34881c1f96b32a3ad8217e431587b57aa9be758fcd86ab8fa5ba28e4cf

imginn.com Open in urlscan Pro 2606:4700:20::ac43:4675 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

193 Requests

83 %HTTPS

31 %IPv6

69 Domains

97 Subdomains

60 IPs

10 Countries

2158 kBTransfer

4692 kBSize

80 Cookies

7 Outgoing links

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

imginn.com Open in urlscan Pro
2606:4700:20::ac43:4675 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

83 %
HTTPS

31 %
IPv6

69
Domains

97
Subdomains

60
IPs

10
Countries

2158 kB
Transfer

4692 kB
Size

80
Cookies

193 HTTP transactions
7 data transactions