link1s.com Open in urlscan Pro
151.139.128.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://link1s.com/6EONEO5
Submission: On February 07 via manual (February 7th 2023, 6:22:43 pm UTC) from VN — Scanned from DE

Summary HTTP 391 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 109 IPs in 15 countries across 106 domains to perform 391 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is link1s.com. The Cisco Umbrella rank of the primary domain is 622986.
TLS certificate: Issued by R3 on January 2nd 2023. Valid for: 3 months.

This is the only time link1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:804::2008	15169 (GOOGLE) (GOOGLE)
2 6	54.38.133.13 54.38.133.13	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
8	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
3 11	54.38.133.12 54.38.133.12	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.16.193 199.232.16.193	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700:10:... 2606:4700:10::ac43:1997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:1e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2606:4700:10:... 2606:4700:10::6816:15d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 11	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
4 4	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
8 18	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
6	2606:4700:20:... 2606:4700:20::681a:8b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	145.40.88.5 145.40.88.5	54825 (PACKET) (PACKET)
3	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	204.237.133.116 204.237.133.116	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2620:100:a005... 2620:100:a005::17	19750 (AS-CRITEO) (AS-CRITEO)
3	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
8	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
2 13	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
8	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 9	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	146.59.30.104 146.59.30.104	16276 (OVH) (OVH)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	35.227.197.177 35.227.197.177	15169 (GOOGLE) (GOOGLE)
1 1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	141.94.242.206 141.94.242.206	16276 (OVH) (OVH)
2 2	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
4	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	3.251.34.9 3.251.34.9	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
8	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	2.16.186.26 2.16.186.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
1 3	2600:1f1c:a99... 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348	16509 (AMAZON-02) (AMAZON-02)
1	52.18.129.185 52.18.129.185	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.151 65.9.58.151	16509 (AMAZON-02) (AMAZON-02)
5	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
1 3	185.29.134.245 185.29.134.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
1 5	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	51.144.7.192 51.144.7.192	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	54.72.202.70 54.72.202.70	16509 (AMAZON-02) (AMAZON-02)
8 8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	52.30.21.143 52.30.21.143	16509 (AMAZON-02) (AMAZON-02)
1	108.128.16.246 108.128.16.246	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
1	18.130.177.194 18.130.177.194	16509 (AMAZON-02) (AMAZON-02)
1 2	142.251.39.6 142.251.39.6	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2 21	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	65.9.66.42 65.9.66.42	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.16 18.66.15.16	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:ba00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.169.219.247 18.169.219.247	16509 (AMAZON-02) (AMAZON-02)
5	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700:e0:... 2606:4700:e0::ac40:6705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2.18.36.193 2.18.36.193	16625 (AKAMAI-AS) (AKAMAI-AS)
7 8	35.212.133.238 35.212.133.238	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	18.144.106.164 18.144.106.164	16509 (AMAZON-02) (AMAZON-02)
1	195.201.152.107 195.201.152.107	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.150.149 193.232.150.149	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	151.236.118.210 151.236.118.210	204720 (CDNETWORKS) (CDNETWORKS)
3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 8	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	8.2.110.113 8.2.110.113	46636 (NATCOWEB) (NATCOWEB)
15	135.125.163.79 135.125.163.79	16276 (OVH) (OVH)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	18.215.132.94 18.215.132.94	14618 (AMAZON-AES) (AMAZON-AES)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
5 5	52.210.230.133 52.210.230.133	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.86.139.57 185.86.139.57	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 1	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	157.90.40.26 157.90.40.26	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	141.94.240.143 141.94.240.143	16276 (OVH) (OVH)
5	184.169.232.193 184.169.232.193	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
2 2	35.201.96.126 35.201.96.126	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	204.237.133.247 204.237.133.247	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 3	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d018:d29... 2a05:d018:d29:3605:bb48:7fbf:8788:cd62	16509 (AMAZON-02) (AMAZON-02)
4	104.36.113.111 104.36.113.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	209.25.233.254 209.25.233.254	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 6	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:6ea0:f40... 2a02:6ea0:f400::4	60068 (CDN77 ^_^) (CDN77 ^_^)
3 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
3	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	159.89.246.130 159.89.246.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	52.58.67.161 52.58.67.161	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	173.231.180.197 173.231.180.197	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
2 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 4	35.172.92.2 35.172.92.2	14618 (AMAZON-AES) (AMAZON-AES)
4 4	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
391	109

13 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

link1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssp.web1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.38.133.13 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip13.ip-54-38-133.eu

lv.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.38.133.12 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ip12.ip-54-38-133.eu

adlv.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.193 (Vienna, Austria)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)

boot.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1e31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:10::6816:15d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intake.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638::1c (France) 5 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.96.145.246 (Vienna, Austria) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.2.237 (Denmark) 8 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:8b2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.237.133.116 (Ambler, United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a005::17 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.197.177 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 177.197.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.242.206 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh

pixel-eu.onprospects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.77 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.251.34.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-34-9.eu-west-1.compute.amazonaws.com

trc.audiencemanager.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
anz.audiencemanager.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-26.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.51 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.129.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-129-185.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-151.fra56.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.91.199 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal900018.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.72.202.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-202-70.eu-west-1.compute.amazonaws.com

liift-trc.audiencemanager.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.30.21.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-21-143.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.16.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-16-246.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.130.177.194 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-177-194.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.36.113.107 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-42.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-16.vie50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:ba00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.169.219.247 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-219-247.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:6705 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.212.133.238 (The Dalles, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 238.133.212.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.144.106.164 (San Jose, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-144-106-164.us-west-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.107 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.107.152.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.149 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp4.senders.ntvplus.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.2.110.113 (United States) 3 redirects

ASN46636 (NATCOWEB, US)

as.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu

user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.180 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.132.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-132-94.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.210.230.133 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-230-133.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.57 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.223.115 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.40.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.26.40.90.157.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.240.143 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.169.232.193 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-184-169-232-193.us-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.213 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.247 (Ambler, United States)

ASN3257 (GTT-BACKBONE GTT, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:bb48:7fbf:8788:cd62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.113.111 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.25.233.254 (Los Angeles, United States)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.154.237 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:f400::4 (Zagreb, Croatia)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.67.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-67-161.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.220.229.2 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Norresundby, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.172.92.2 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-92-2.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.129.221 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	pubmatic.com 4 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450 image2.pubmatic.com — Cisco Umbrella Rank: 872 ads.pubmatic.com — Cisco Umbrella Rank: 463 image6.pubmatic.com — Cisco Umbrella Rank: 733 simage2.pubmatic.com — Cisco Umbrella Rank: 665 aud.pubmatic.com — Cisco Umbrella Rank: 4113 image4.pubmatic.com — Cisco Umbrella Rank: 941 simage4.pubmatic.com — Cisco Umbrella Rank: 1166	54 KB
29	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 cdn.adnxs.com — Cisco Umbrella Rank: 1450 fra1-ib.adnxs.com — Cisco Umbrella Rank: 7432 acdn.adnxs.com — Cisco Umbrella Rank: 534 secure.adnxs.com — Cisco Umbrella Rank: 409	158 KB
29	pbstck.com boot.pbstck.com — Cisco Umbrella Rank: 8230 cdn.pbstck.com — Cisco Umbrella Rank: 9206 intake.pbstck.com — Cisco Umbrella Rank: 8770	406 KB
27	rubiconproject.com 6 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 842 eus.rubiconproject.com — Cisco Umbrella Rank: 537 token.rubiconproject.com — Cisco Umbrella Rank: 548 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2119 pixel.rubiconproject.com — Cisco Umbrella Rank: 308	48 KB
24	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 388 mug.criteo.com — Cisco Umbrella Rank: 2753 bidder.criteo.com — Cisco Umbrella Rank: 730 dis.criteo.com — Cisco Umbrella Rank: 696	14 KB
18	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 9154 user-sync.adxpremium.services — Cisco Umbrella Rank: 16808	19 KB
18	adform.net 8 redirects adx.adform.net — Cisco Umbrella Rank: 4264 cm.adform.net — Cisco Umbrella Rank: 1400 c1.adform.net — Cisco Umbrella Rank: 568	4 KB
12	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 219491 ad.doubleclick.net — Cisco Umbrella Rank: 184	7 KB
12	gemius.pl 3 redirects adlv.hit.gemius.pl — Cisco Umbrella Rank: 193758 ls.hit.gemius.pl — Cisco Umbrella Rank: 12858	81 KB
11	audiencemanager.de trc.audiencemanager.de — Cisco Umbrella Rank: 58756 anz.audiencemanager.de — Cisco Umbrella Rank: 58527 liift-trc.audiencemanager.de — Cisco Umbrella Rank: 130748	4 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	623 KB
11	link1s.com link1s.com — Cisco Umbrella Rank: 622986	285 KB
10	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2287 vpaid.vidoomy.com — Cisco Umbrella Rank: 105073 a.vidoomy.com — Cisco Umbrella Rank: 10343	58 KB
10	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 31195 hal900018.redintelligence.net — Cisco Umbrella Rank: 264406	222 KB
9	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 1564 cache.betweendigital.com — Cisco Umbrella Rank: 17291	6 KB
9	4dex.io script.4dex.io — Cisco Umbrella Rank: 2192 mp.4dex.io — Cisco Umbrella Rank: 2045	74 KB
8	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	4 KB
8	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 725	1 KB
6	weborama.fr 4 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 22942 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24369	1 KB
6	casalemedia.com 6 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1332	3 KB
6	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 41397	3 KB
6	adocean.pl 2 redirects lv.adocean.pl — Cisco Umbrella Rank: 188387	57 KB
5	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 757	1 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 470	2 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414	1 KB
5	criteo.net static.criteo.net — Cisco Umbrella Rank: 647	142 KB
5	mathtag.com 2 redirects tags.mathtag.com — Cisco Umbrella Rank: 4453 pixel.mathtag.com — Cisco Umbrella Rank: 975 sync.mathtag.com — Cisco Umbrella Rank: 453	3 KB
5	cpx.to p.cpx.to — Cisco Umbrella Rank: 9229 s.cpx.to — Cisco Umbrella Rank: 2058	6 KB
5	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 2627 mwzeom.zeotap.com — Cisco Umbrella Rank: 2435	21 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	1 KB
5	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 31968	236 KB
4	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2249	2 KB
4	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1110	2 KB
4	setupad.com node.setupad.com — Cisco Umbrella Rank: 44851	833 B
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 271 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902	3 KB
4	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 2176	25 KB
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 592	831 B
3	bumlam.com 3 redirects sync.bumlam.com — Cisco Umbrella Rank: 3273	2 KB
3	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 601	573 B
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 767	2 KB
3	ck-ie.com 3 redirects as.ck-ie.com — Cisco Umbrella Rank: 10054	1 KB
3	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 329	418 B
3	adxbid.info adxbid.info — Cisco Umbrella Rank: 17666	9 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19463 api.webgains.io — Cisco Umbrella Rank: 57676	31 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 49955 medialead.de — Cisco Umbrella Rank: 49425	1 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 979 pixel.quantserve.com — Cisco Umbrella Rank: 676 cms.quantserve.com — Cisco Umbrella Rank: 632	11 KB
3	onaudience.com 3 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 13267 pixel.onaudience.com — Cisco Umbrella Rank: 2833	2 KB
3	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5803	517 B
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 882	204 B
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 389	2 KB
3	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 45437	414 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com — Cisco Umbrella Rank: 295	32 KB
2	gammaplatform.com 2 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2556	1 KB
2	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1283	563 B
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1634	723 B
2	tns-counter.ru 1 redirects www.tns-counter.ru — Cisco Umbrella Rank: 10396	707 B
2	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 3827	669 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 15879	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 3641	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1733	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 507	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 556	741 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4143	560 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 16645	826 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1006	462 B
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 103416	6 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	34 KB
2	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 33707	6 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 412	781 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
2	web1s.com ssp.web1s.com — Cisco Umbrella Rank: 811607	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	83 KB
1	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 3721	289 B
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 3445	464 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1938	555 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 748	518 B
1	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3016	104 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 16334	412 B
1	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 5049	370 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 5624
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 5207	277 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 835	226 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 560	792 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 522	673 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 651	638 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401	524 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 18093	69 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 904	1 KB
1	google.com adservice.google.com — Cisco Umbrella Rank: 70	401 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 58936	3 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12387	60 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 89372	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 47375	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 168607	401 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 51826	607 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 125862	931 B
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 34714	521 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 12944	257 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 9864	33 KB
1	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 30449	271 B
1	onprospects.com 1 redirects pixel-eu.onprospects.com — Cisco Umbrella Rank: 197690	240 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 2151	405 B
1	rlcdn.com 1 redirects id.rlcdn.com — Cisco Umbrella Rank: 596	441 B
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 5909	47 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	49 KB
391	106

	Domain	Requested by
15	user-sync.adxpremium.services	adxbid.info ads.pubmatic.com vid.vidoomy.com
14	intake.pbstck.com	link1s.com
13	ib.adnxs.com	2 redirects stpd.cloud acdn.adnxs.com
12	simage2.pubmatic.com	ads.pubmatic.com
11	gum.criteo.com	5 redirects ads.themoneytizer.com static.criteo.net
11	adlv.hit.gemius.pl	3 redirects lv.adocean.pl link1s.com adlv.hit.gemius.pl
11	link1s.com	link1s.com
10	ads.pubmatic.com	stpd.cloud ads.pubmatic.com adxbid.info link1s.com vid.vidoomy.com
9	image2.pubmatic.com	2 redirects ads.pubmatic.com
9	mug.criteo.com	link1s.com
9	cdn.pbstck.com	boot.pbstck.com
8	image6.pubmatic.com	2 redirects ads.pubmatic.com
8	x.bidswitch.net	7 redirects ads.pubmatic.com
8	cm.g.doubleclick.net	8 redirects
8	fra1-ib.adnxs.com	stpd.cloud link1s.com cdn.adnxs.com
8	token.rubiconproject.com	1 redirects eus.rubiconproject.com link1s.com
8	cm.adform.net	5 redirects link1s.com stpd.cloud
8	onetag-sys.com	stpd.cloud ads.themoneytizer.com cache.betweendigital.com
8	ads.betweendigital.com	stpd.cloud ads.betweendigital.com
8	eus.rubiconproject.com	link1s.com eus.rubiconproject.com cache.betweendigital.com
6	ssum.casalemedia.com	6 redirects
6	www.gstatic.com	www.recaptcha.net www.gstatic.com
6	pixel.rubiconproject.com	1 redirects link1s.com adxbid.info
6	prebid-stag.setupad.net	stpd.cloud
6	adx.adform.net	stpd.cloud
6	script.4dex.io	stpd.cloud script.4dex.io
6	boot.pbstck.com	link1s.com
6	lv.adocean.pl	2 redirects link1s.com lv.adocean.pl
5	sync.crwdcntrl.net	ads.pubmatic.com link1s.com
5	match.prod.bidr.io	5 redirects
5	static.criteo.net	stpd.cloud static.criteo.net
5	liift-trc.audiencemanager.de	trc.audiencemanager.de link1s.com
5	anz.audiencemanager.de	trc.audiencemanager.de link1s.com
5	hal900018.redintelligence.net	1 redirects link1s.com hal900018.redintelligence.net
5	hal9000.redintelligence.net	link1s.com hal900018.redintelligence.net
5	match.adsrvr.org	link1s.com ads.pubmatic.com
5	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
5	ads.themoneytizer.com	link1s.com ads.themoneytizer.com
4	cr.frontend.weborama.fr	4 redirects
4	a.audrte.com	2 redirects link1s.com
4	uipglob.semasio.net	2 redirects link1s.com
4	a.vidoomy.com	link1s.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	ups.analytics.yahoo.com	4 redirects
4	acdn.adnxs.com	link1s.com stpd.cloud
4	s.cpx.to	p.cpx.to link1s.com
4	node.setupad.com	link1s.com
4	secure-assets.rubiconproject.com	4 redirects
4	www.recaptcha.net	link1s.com www.gstatic.com www.recaptcha.net
3	simage4.pubmatic.com	ads.pubmatic.com
3	ap.lijit.com	adxbid.info
3	sync.bumlam.com	3 redirects
3	vpaid.vidoomy.com	vid.vidoomy.com
3	vid.vidoomy.com	adxbid.info
3	pixel-sync.sitescout.com	ads.pubmatic.com link1s.com vid.vidoomy.com
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	as.ck-ie.com	3 redirects
3	eb2.3lift.com	adxbid.info
3	adxbid.info	stpd.cloud
3	mwzeom.zeotap.com	link1s.com ads.pubmatic.com
3	tags.mathtag.com	1 redirects link1s.com
3	s.amazon-adsystem.com	2 redirects link1s.com
3	prebid-eu.creativecdn.com	stpd.cloud
3	rtb.adxpremium.services	stpd.cloud
3	bidder.criteo.com	stpd.cloud
3	hbopenbid.pubmatic.com	stpd.cloud
3	mp.4dex.io	stpd.cloud
3	prebid.a-mo.net	stpd.cloud
3	id5-sync.com	stpd.cloud link1s.com
3	stpd.cloud	link1s.com
2	idsync.frontend.weborama.fr	link1s.com
2	cm-supply-web.gammaplatform.com	2 redirects
2	cm.adgrx.com	ads.pubmatic.com
2	rtb.openx.net	2 redirects
2	www.tns-counter.ru	1 redirects link1s.com
2	an.yandex.ru	1 redirects link1s.com
2	x01.aidata.io	2 redirects
2	visitor.fiftyt.com	2 redirects
2	sync.1rx.io	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	d5p.de17a.com	2 redirects
2	px.adhigh.net	2 redirects
2	odr.mookie1.com	ads.betweendigital.com
2	api.webgains.io	analytics.webgains.io
2	secure.adnxs.com	2 redirects
2	5994599.fls.doubleclick.net	1 redirects link1s.com
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	www.googletagservices.com	trc.audiencemanager.de www.googletagservices.com
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	spl.zeotap.com	ads.themoneytizer.com link1s.com
2	cdn.adnxs.com	stpd.cloud
2	pixel-eu.onaudience.com	2 redirects
2	pixel.tapad.com	1 redirects link1s.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ssp.web1s.com	link1s.com
2	www.googletagmanager.com	link1s.com adv.office-partner.de
2	fonts.googleapis.com	link1s.com hal900018.redintelligence.net
1	e.serverbid.com	link1s.com
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	green.erne.co	1 redirects
1	ipac.ctnsnet.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aax-eu.amazon-adsystem.com	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	cache.betweendigital.com	ads.betweendigital.com
1	sync.dmp.otm-r.com	ads.betweendigital.com
1	pixel.quantserve.com	link1s.com
1	rules.quantcount.com	secure.quantserve.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	link1s.com
1	analytics.webgains.io	track.webgains.com
1	ad.doubleclick.net	www.googletagservices.com
1	m.exactag.com	link1s.com
1	ad-server.eu	link1s.com
1	medialead.de	1 redirects
1	track.webgains.com	link1s.com
1	futalis.de	hal900018.redintelligence.net
1	pb.media01.eu	hal900018.redintelligence.net
1	adv.office-partner.de	hal900018.redintelligence.net
1	adtrack.adleadevent.com	link1s.com
1	c.cintnetworks.com	trc.audiencemanager.de
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	pixel.mathtag.com	link1s.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	c.tmyzer.com	link1s.com
1	trc.audiencemanager.de	link1s.com
1	pixel-eu.onprospects.com	1 redirects
1	s.company-target.com	1 redirects
1	id.rlcdn.com	1 redirects
1	ls.hit.gemius.pl	adlv.hit.gemius.pl
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	i.imgur.com	link1s.com
1	pagead2.googlesyndication.com	link1s.com
391	155

This site contains links to these domains. Also see Links.

Domain
ssp.web1s.com
www.facebook.com
t.me

Subject Issuer	Validity	Valid
link1s.com R3	`2023-01-02` - `2023-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2023-01-30` - `2024-02-06`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
ssp.web1s.com R3	`2022-12-16` - `2023-03-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
pbstck.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.stpd.cloud E1	`2022-12-26` - `2023-03-26`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.a-mo.net R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2022-08-26` - `2023-08-05`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
node.setupad.com R3	`2022-12-28` - `2023-03-28`	3 months	crt.sh
*.audiencemanager.de Go Daddy Secure Certificate Authority - G2	`2022-08-14` - `2023-09-15`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
c.tmyzer.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2023-09-11`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2022-09-13` - `2023-09-13`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.cpx.to R3	`2022-11-28` - `2023-02-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
redintelligence.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-11-04` - `2023-05-04`	6 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-17`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2022-06-13` - `2023-07-12`	a year	crt.sh
adv.office-partner.de R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
*.futalis.de R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
quantserve.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.iprom.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
truffle.bid R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh

This page contains 75 frames:

Primary Page: https://link1s.com/6EONEO5
Frame ID: 22BB81B407F2181386F17A3D2B8E10F5
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html
Frame ID: BB1FD177EE755204AC1CD9923AD2068F
Requests: 1 HTTP requests in this frame

Frame: https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=QA
Frame ID: D9DFEFF994A782A172D1BCEABCF84A0F
Requests: 3 HTTP requests in this frame

Frame: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
Frame ID: B18CF4C3773BE2735C8E500528228EB0
Requests: 29 HTTP requests in this frame

Frame: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
Frame ID: 1D4FD5BADF9F5C85231A7389273790D2
Requests: 32 HTTP requests in this frame

Frame: https://adlv.hit.gemius.pl/gdejs/xgde.html
Frame ID: 3778240D8E59FE0BD87580D1DEF12109
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: C7CCCA8C53E1EEFFCEBC687A30AD0670
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 84CC78DEA963F9735BEA9D5638638FBA
Requests: 12 HTTP requests in this frame

Frame: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
Frame ID: 528DEB003F7E871D712F86BE1C37782B
Requests: 30 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 84D74A818C02564CB6DCFFB2E31E1460
Requests: 3 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 3AA76E68F3762226A26DE771A9CBAD0F
Requests: 1 HTTP requests in this frame

Frame: https://trc.audiencemanager.de/ad/?pl=63c50f5f293004695e28b6fe&cb=798081562&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FehSuR-F6hD_RdHYyOEp-PwAAACCF69E_0XR2MjhKfj97FK5H4XqEP-VauMImMDIOl4TC6ZxtVhrlluJjAAAAAHc7agF_DgAAJw4AAAIAAABnzJcY6SwmAAAAAABVU0QARVVSAMoD-gBAWgAAAAABAQUCAAAAAKgAciRCigAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ZBSdsQjWkaMaEOeY38QBGOnZmAEgACgAMQAAAAAAABBAOglGUkExOjY1OTRAtTBJdxA7U-i87T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjY1OTQ%3D%2Fbn%3D99275%2Fclickenc%3D&liiftcamid=63c53984745a1feac2025ff2&liifttagid=23739255&liiftaucid=1022933008400276197
Frame ID: A8260968C4DC6D5898FCEEA4AC32DECB
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1675794149882
Frame ID: 4A812947F790BA6A7802D23F0AF5B4B2
Requests: 1 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/zone/htlmx5cd89bk?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=2928848173421329631&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2928848173421329631%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D
Frame ID: 3854E5C66E43B4861B6E97F9FF1A372A
Requests: 16 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flink1s.com%2F6EONEO5&id=MTIZ
Frame ID: FCE425E93865E7FA3D3751F6306FFEBC
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7&co=aHR0cHM6Ly9saW5rMXMuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=gxl0b2vvr4d8
Frame ID: 1D6D753289CB54768F806631CAEAB60C
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: BFF840C87C400B4FF658EB23384162B2
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=58086800162205400951435012228018&actionid=981741&produktid=&dt_url=
Frame ID: 2E04F077D355E28A07C9603DC1BC19CA
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2219836856
Frame ID: 557CC4D20095C3166AC142C140222676
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNPWrtiDhP0CFZqdmgod_mIKPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465
Frame ID: FE2258415A6776D23699DCD29D893D96
Requests: 2 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39
Frame ID: 949B4E090CEC3CC0113578168FFBCB21
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3711&pub_id=2046825
Frame ID: 2E8BCBF2C4857ED256F35CEAF5E22F20
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7
Frame ID: 32CBC2FE50FA0ACB4FC3C24263E14DCD
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1675794149291
Frame ID: 0D1BC7EDF45EF9C5839ACF674DBC5E33
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 33FB134C918EFD07B05E69FA2C981DF5
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B1C922DACD1A0621A8A2ECB40B2C2A66
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 475DCF6FF79078E5EFD17EA2BF620068
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: 20C311BAD38C4833B820EFE8268E7DB6
Requests: 7 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a440e22a-3d79-5226-acbb-451acf59d3ff&CACHEBUSTER=589219
Frame ID: 8FA1BFB701F045E34B73BFCA39D86812
Requests: 5 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 5A49AC9C66608B08E8B614A70B6C6B8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: 5ED2A9A7524496EBE094021859894277
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 658FED6C3E19E38F646F9F0E773E8AA0
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1675794149288
Frame ID: D4282B51B021786BEA7831E3B1838370
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 136C210ED39C59CB2F7A4996C43DB82C
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1675794149502
Frame ID: A885FCA319ECD44C7F6E216A9191962E
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: F5BA41309858EDBDD78966A66BF16FEC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: D1F18D333B7DEBF5A46F72EAA75541CA
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0BE5473026FB567778A8D4CFDF8F6E82
Requests: 3 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: C14DC2711D2E25FBF44A894C46E2C969
Requests: 7 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=
Frame ID: E161E3F843AED19BE40F6BFA31EA2001
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7fe63e2-96e6-4d00-be93-63a4dbc07294&gdpr=0&gdpr_consent=
Frame ID: 34F0476FF8765AC351F137796381A478
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=428985312418118942
Frame ID: C5E909A6CB5D03DB5A045D398C445655
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6BEAE753DA4025B0A9929A54CB26766A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uswlpLXJJaChniOjv8ht87XPI6WhnSOkuc8BPSKS
Frame ID: B9BEEB35349782928B8770777819EAEC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&redir=true&gdpr=0&gdpr_consent=
Frame ID: BDDDB0C54F93CA34CCB6C44DDB8F4582
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1897824813687407767&gdpr=0&gdpr_consent=
Frame ID: 41A48C87F61EA257E107712C0F40D2F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7197481081972193431&gdpr=0&gdpr_consent=
Frame ID: 8F189DEE2E3C38860AA7EDEACFC83D71
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=chZLR3MPQDpwLQOVyA_EQbKi0YY&gdpr=0&gdpr_consent=
Frame ID: A6952855D8F94955D83D8F0293ABA4F3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_KW6QADoAP_zQBh&gdpr=1&gdpr_consent=&_test=Y_KW6QADoAP_zQBh
Frame ID: 39CE5E4FF44DE5C3FE95481206AA70B5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_iU7HxS4AACC44qOAyA&gdpr=0&gdpr_consent=
Frame ID: EB1C75A994FDF9DE98C5CC3C8A0CB9EE
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6586380883
Frame ID: 5B45BB9A395A8979714619195AA6CADB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: CECB5E6740B276D24E821A84B882E0C6
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 0FA93B5D0D6E690D924A66D71C608522
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A782559C0A95027A93E13A1283A4525B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C107BDD6E77406D182A8467F6C9AA6E6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: A54128980B92794F98FAFF500535EEDF
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYMhgMUSTSXQXUhjW%2526gdpr%253D0%2526gdpr_consent%253D
Frame ID: 7657BA21A9D3F8166CD923E63C00DF2D
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 64A940A5AF8AB353C0D8A4EE0BCFA30D
Requests: 6 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 9F73ED93707ACCAEAD9CE7EDC2FA07E6
Requests: 6 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 837029210C475CE36623DE28E177EA56
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 4C0163C80D04E727B553F95B0B98EFC7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 0D8A921425991A9F03046B292998C4E0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: C757946D1DADB3CA1461D2556E3A00C8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: EB4EB98F813AAB44D4436A4391038433
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 505EA0BB2A1F4B5425D6F518FBD50669
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F05E804F7F39ABAB98A5267EE53B64CF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=3xgqnz1wlox8
Frame ID: 25D14B2030FBF5CEDF78DC3736F9238A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:595CD457632A41A8BC85F50B666EBC78&gdpr=0&gdpr_consent=
Frame ID: 92BC0B1F5CC9F5AABA7532F1D0A58E05
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 815E8BBB157067B2CC56CBD665350CE3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=g4vq6wj9qjhd
Frame ID: 294352CEA95DC99DDFD982D04E829412
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:595CD457632A41A8BC85F50B666EBC78&gdpr=0&gdpr_consent=
Frame ID: E2261FF477315CFE19D1B4CD3B28E835
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
Frame ID: F58D06E79F0EA674CACE344BFDF39E3D
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
Frame ID: 8D3AF965A77A9E7F1A6CD02B2AF256E8
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
Frame ID: 76C1AAFEA49EA203F9652E54592A62E8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=link1s.com
Frame ID: 7D14619ED902FBC8DEBDA473B5BDA43B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Link1s.com - Best URL Shortener To Earn Money

Detected technologies

AdOcean (Advertising) Expand

Overall confidence: 80%
Detected patterns

adocean\.pl

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

391
Requests

86 %
HTTPS

24 %
IPv6

106
Domains

155
Subdomains

109
IPs

15
Countries

3365 kB
Transfer

8932 kB
Size

131
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://ssp.web1s.com/tra.php?b=89

Search URL Search Domain Scan URL

URL: https://www.facebook.com/link1scom/

Search URL Search Domain Scan URL

URL: https://t.me/link1scom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/link1scom

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://lv.adocean.pl/_1675794148200/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200 HTTP 301
https://lv.adocean.pl/__/_1675794148200/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200 HTTP 301
https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1675794148%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DD1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7%2Fx%3D1600%2Fy%3D1200 HTTP 301
https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1675794148%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DD1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7%2Fx%3D1600%2Fy%3D1200 HTTP 301
https://lv.adocean.pl/__/_1675794148/ad.js?hclsdata=&hcudata=uuAQbug_0ckYKqIsSQ0f7hyblKK0ney9.jkTeEy4CXz.H7&id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200

Request Chain 41

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=7Bh8CXwyWFZmT2kyQVFmSWlXVzhuVzdobG45QXFGQTk1VGFScjJpWGlvUGtBQ1hNYnZpc2VPQ2ZrZitaeXRXZFlBSEk1VGE3eGFtdHJMZmdSellkMWxZR3hkMzgvYlJMUjN1L0ZkZHlublNLdHpXK2draVFiam9sUEJNOFdwVHVOTzVmbUdnMU00ZElOa0RBZkpsZVBZRUJRdjZ5MlJ6Qlhsc21uNXJHNVJXV1lRV0ZaNGtZTUxVbk1LaHMzUTRjblpvK0V2ZTVFZUlVb3JDeC9tWGUwdk1jK2ZCNkJtQWFrdlZzcldMZFh1RGt6U0N3PXw&cppv=2

Request Chain 43

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 48

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=tzJFjXxXZ3FYZ0I2ZiszTHZnUFNLVWhrN2l0RDV3Tjd5VllvTHNwMnhaalBMbWxmYWZSY0JZdXowNlJhWlZHN2FFa2g5MmNiNGRvYVVNblhoUFBvbTJBUDZnZHBQQStMOHZ1NElEU1o5dFRDcy9KUlpoOXBWZlBYOFJ1QTBvOUV1bHRQKy9uNGhQeEdoeHJHMUF4b0tZcHVPTldnK2NUclR3Y0IyS2ZDUWp1K0I4d0UybFk0QUpJckxIRDU0NW1ldDRaVmdtV0lpamtScnVOUGwrRlc5ek9rZWl0VnM2Snd2dXBIRVUxYkpXSDhBY0hZPXw&cppv=2

Request Chain 50

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 98

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&bundle=cWOzfV8yVmVYZ0VkWURhenhCeCUyQkJ0dWtyNnpQNkR5UUtFMGo2JTJGZGZZOWNmVXljSjdsWE8lMkZoMG5YSDVOWWhVUVBqRERzS2IyN3hhdVZrRWJBdmpPNlZ1Q0U0MzJuNyUyQjhJaTNmMWpWOTlzSG44RlNrVEtqOVoyRmxzSlhreFJFS1BkbTlB&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=HrhxGXxuSkcxcUF5ZDJQSm55d3dTbTI2OVJDd0J4M3QxRDlYVjBoRFpNOEd0Wityd2V0SmpuenhTS3NmTVdrZjVLS25CdDFWTEorUlBFQ09sRjBOZ0k4Vnl2N2MzWmtGNVY0dWpvRFNBY0RxSExzcmFZZ3dFU2JnRU1OY1ZxNHB5a2l4SFdRdUxWR1htL1JlNm1tNnE2YXo3c3lYRHdQOTgvSnI0N0JkcGk0Nm5acGpVZ3p3eEFRM2pBOVVCc1J0SkNYaU1oT2lST1RrUXRZb3ArM3RFN3d5YVg4Q1d2bUMrSWE0YXV2eHJNekVscmszemJEa1RNdzFRbzRKd1NXM1lhdFhHfA&cppv=2

Request Chain 100

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 122

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RqwCh1lLQ8aVjU-x231KFg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RqwCh1lLQ8aVjU-x231KFg

Request Chain 125

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id= HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=

Request Chain 126

https://id.rlcdn.com/709414.gif HTTP 307
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

Request Chain 127

https://ib.adnxs.com/getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID HTTP 302
https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=1897824813687407767

Request Chain 128

https://s.company-target.com/s/rp HTTP 302
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=3fa0b30c-b408-46d3-983d-4728a962a37a

Request Chain 130

https://adlv.hit.gemius.pl/dataredir?rid=xnjrkiktyj&url=pixel-eu.onprospects.com%2F%3Fpartner%3D254%26mapped%3DHCUDATA%26gdpr%3D0%26gdpr_consent%3D HTTP 301
https://pixel-eu.onprospects.com/?partner=254&mapped=9KeFIID7jbnO5oR86YnAYHjGNI3s2jIy8zNEcVL3hOX.87&gdpr=0&gdpr_consent= HTTP 301
https://pixel-eu.onaudience.com/?partner=254&mapped=9KeFIID7jbnO5oR86YnAYHjGNI3s2jIy8zNEcVL3hOX.87&gdpr=0&gdpr_consent=&onp HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 152

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTVRRM01UYzFNRGN0TnpObVpTMHpPR0UxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5Mjg4NDgxNzM0MjEzMjk2MzEvNjYyMjQwNC80NTYyMzEyLzEzL2ZVc3YzNlpYTWJFSEJ6MjVQMGxsY2FTSHJ1T1J6TDc4N2REVWRCNjhUMW8vMS8xMy8wLzAvOTU2ODAzLzI5OTcwMTQ5MTgvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzI5Mjg4NDgxNzM0MjEzMjk2MzEvenJoLzAvNTEzLzgwLzk5OS8zMjIvMTc4LjE2Mi4yMDkuMC8wLjAwMC8xNjc1Nzk0MTQ5LzE2NzU4MDY3NDkvMTMvMzcxMS8/F0FIKtCLTjMGyeIJGQ6sG28Uu9A&nodeid=3747&group=zrh&auctionid=2928848173421329631&pbs_auctionid=2928848173421329631&shardkey=2928848173421329631&sid=4562312&cid=6622404&bp=a_aefiia&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.135.81&type=imp&client=c2s HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=2928848173421329631&node_id=3747&exch_id=13

Request Chain 161

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&bundle=Q-fpBV8yVmVYZ0VkWURhenhCeCUyQkJ0dWtyNjM5bXpjRkdPWXBHbVZBenMlMkIyMVZyWW1NNVJCakIxWEFyZjlKWmtLelVkSWl3dyUyRnVEcGxoYVBTQ21DdDBIaGI2OTZ6WHNqZCUyRnczJTJCekkwSzlOa1NTZXQ5RkdNc3QySVVzQXhkaXV6MnRGUDg&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=GwaJCnxvMHhMcGVvemFhaVRCUSswSUZidnpuQ2I2Z0pIZitBZmhNOGFTL1dYRFJGSVdDd0p3SEwzNUhkQjd4OGtwVnRnOGxBVmpvc1JocGp6WCsrWjMyZlVkcEFaOHczWWlvU0lxWFNMNlNGMXVqUFMwK3FwVU5vUFZDS2ZMOU56WEJEb1pOMW12WE1qaExoUmxjZkcyK3hQb0oxaGR6d091a0poeC9pRzhiUWN6LzY5NTBycWF6S0lTWDdpWDFLN21zZGlUQ2JWMnFRRlZ1VTUxdWlaMWNpeG4xTkY1VkYyaTkzSFBGZFdEMVVLWWIyTHFJekdURTg1d21FWjJHME1jZ1NOfA&cppv=2

Request Chain 164

https://hal900018.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=75303ccbff&subid=&uid=3528c7ca6bf51396&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2928848173421329631%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Flink1s.com%2F6EONEO5&ancestorOrigins=https%3A%2F%2Flink1s.com%2Chttps%3A%2F%2Flink1s.com&random=4234879754983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900018.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=75303ccbff&subid=&uid=3528c7ca6bf51396&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2928848173421329631%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Flink1s.com%2F6EONEO5&ancestorOrigins=https%3A%2F%2Flink1s.com%2Chttps%3A%2F%2Flink1s.com&random=4234879754983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=872cbdf4-c1b4-4648-46e5-fab299c994cc&reqId=1c3d0a43-2933-4d6f-52f2-52026d41e8a8&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=872cbdf4-c1b4-4648-46e5-fab299c994cc&reqId=1c3d0a43-2933-4d6f-52f2-52026d41e8a8&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESELvT4iAsmT0icx9X8g14PFI&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=872cbdf4-c1b4-4648-46e5-fab299c994cc&reqId=1c3d0a43-2933-4d6f-52f2-52026d41e8a8&zdid=1258

Request Chain 180

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=58086800162205400951435012228018&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=58086800162205400951435012228018&actionid=981741&produktid=&dt_url=

Request Chain 181

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=58086800162205400951435012228018&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2219836856

Request Chain 183

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNPWrtiDhP0CFZqdmgod_mIKPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465

Request Chain 185

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=58086800162205400951435012228018 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=58086800162205400951435012228018 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=56b511f6-7ef9-47f3-9166-3d4be327e896 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=56b511f6-7ef9-47f3-9166-3d4be327e896&google_gid=CAESENQfgxqDAmai4GvclcYrSfg&google_cver=1

Request Chain 199

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D56b511f6-7ef9-47f3-9166-3d4be327e896 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D56b511f6-7ef9-47f3-9166-3d4be327e896 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&fid=56b511f6-7ef9-47f3-9166-3d4be327e896

Request Chain 201

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252F6EONEO5%26hn_ver%3D40%26fid%3D56b511f6-7ef9-47f3-9166-3d4be327e896%26dsp%3Dpub_common%26dsp_uid%3D34c6ef94-ebea-4806-af04-feda1a0b66a5 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=1897824813687407767&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F6EONEO5&hn_ver=40&fid=56b511f6-7ef9-47f3-9166-3d4be327e896&dsp=pub_common&dsp_uid=34c6ef94-ebea-4806-af04-feda1a0b66a5

Request Chain 251

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=75d82d98-f77a-44d1-9979-a9b7273b5122&ssp=between&gdpr=&gdpr_consent=

Request Chain 252

https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1ualowUEx0RTJ1RWlqTWFtazUycThHM1NUeHBfeGtPbFA3TEdjZEUtfkE%3D&gdpr=0

Request Chain 254

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usP29rwFbMO3.AikABlGGLR1-jA

Request Chain 274

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739

Request Chain 275

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739

Request Chain 276

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739

Request Chain 277

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=79b04f57-acc2-4297-8511-2f22765a5bb3&ssp=between&gdpr=&gdpr_consent=

Request Chain 278

https://c1.adform.net/serving/cookie/match?party=14&cid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=

Request Chain 279

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7fe63e2-96e6-4d00-be93-63a4dbc07294&gdpr=0&gdpr_consent=

Request Chain 280

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=428985312418118942

Request Chain 282

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uswlpLXJJaChniOjv8ht87XPI6WhnSOkuc8BPSKS

Request Chain 284

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1897824813687407767&gdpr=0&gdpr_consent=

Request Chain 285

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7197481081972193431&gdpr=0&gdpr_consent=

Request Chain 286

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=chZLR3MPQDpwLQOVyA_EQbKi0YY&gdpr=0&gdpr_consent=

Request Chain 287

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y_KW6QADoAP_zQBh HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_KW6QADoAP_zQBh&gdpr=1&gdpr_consent=&_test=Y_KW6QADoAP_zQBh

Request Chain 288

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKX2lVN0h4UzRBQUNDNDRxT0F5QQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJ_iU7HxS4AACC44qOAyA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJ_iU7HxS4AACC44qOAyA&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJ_iU7HxS4AACC44qOAyA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5803091091849309759&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_iU7HxS4AACC44qOAyA&gdpr=0&gdpr_consent=

Request Chain 289

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675794153190 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6586380883

Request Chain 290

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 293

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 295

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYMhgMUSTSXQXUhjW%2526gdpr%253D0%2526gdpr_consent%253D

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e6me93yWRdKfw1tb8_tWdw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 297

https://pixel.onaudience.com/?partner=214&mapped=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D

Request Chain 298

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&addseg=19,36,42

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0JBOTlFRjctN0M5Ni00NUQyLTlGQzMtNUI1QkYzRkI1Njc3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 300

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFh4dacoew5RULVNWycSMSA&google_cver=1

Request Chain 302

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2229061586835553493

Request Chain 306

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_DxrQIhE2uW6d7EFYaUc7lkf_SJZxx0-~A&gdpr=0

Request Chain 309

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2457898670943841534&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 310

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:14f822ee-5b3f-4186-a735-3771e8acd545&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 311

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1897824813687407767

Request Chain 317

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1 HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6fhDinjgSSuLnpkJSAAA%261179

Request Chain 318

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1 HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6TSLyaHSi5Am8NCJwwAA%261104

Request Chain 319

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1 HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6Tobtz9LxcBCJgFz5wAA%261204

Request Chain 321

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjprYqfBqIBEGQLtASnFBHthuAAJZDAZHw* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=640bb404-a714-11ed-86e0-002590c0647c HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=640bb404-a714-11ed-86e0-002590c0647c&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=nhryOs1GV5uXav2Zj%2BYVmg& HTTP 302
https://an.yandex.ru/mapuid/adsniperis/640bb404-a714-11ed-86e0-002590c0647c HTTP 302
https://an.yandex.ru/mapuid/adsniperis/640bb404-a714-11ed-86e0-002590c0647c?redir-setuniq=1

Request Chain 335

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881

Request Chain 336

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881

Request Chain 338

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881

Request Chain 339

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 342

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/589219 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/589219

Request Chain 343

https://x.bidswitch.net/sync?dsp_id=429&user_id=a440e22a-3d79-5226-acbb-451acf59d3ff&expires=60 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=79b04f57-acc2-4297-8511-2f22765a5bb3

Request Chain 349

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf HTTP 303
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8439582860916855881&vid=a6f37f0123013099a595be2217fc435a&dspid=adf

Request Chain 351

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf HTTP 303
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8439582860916855881&vid=a6f37f0123013099a595be2217fc435a&dspid=adf

Request Chain 353

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=79b04f57-acc2-4297-8511-2f22765a5bb3&google_hm=NzliMDRmNTctYWNjMi00Mjk3LTg1MTEtMmYyMjc2NWE1YmIz HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE00SOTh3yOKTWo937nEbSo&google_cver=1&ssp=vidoomy&bsw_param=79b04f57-acc2-4297-8511-2f22765a5bb3 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=79b04f57-acc2-4297-8511-2f22765a5bb3

Request Chain 356

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx&ox_sc=1 HTTP 302
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4e0d4b33-0dbb-4af0-b4bd-e151fe5d7c9b&vid=a6f37f0123013099a595be2217fc435a&dspid=openx

Request Chain 360

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=3xgqnz1wlox8

Request Chain 361

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:595CD457632A41A8BC85F50B666EBC78&gdpr=0&gdpr_consent=

Request Chain 362

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 364

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677 HTTP 302
https://a.audrte.com/p

Request Chain 365

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2320150942 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677

Request Chain 366

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 368

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677 HTTP 302
https://a.audrte.com/p

Request Chain 369

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=9004281 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677

Request Chain 371

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=g4vq6wj9qjhd

Request Chain 372

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:595CD457632A41A8BC85F50B666EBC78&gdpr=0&gdpr_consent=

Request Chain 389

https://gum.criteo.com/sid/json?origin=publishertag&domain=link1s.com&sn=ChromeSyncframe&so=3&topUrl=link1s.com&bundle=VcZ49l8yVmVYZ0VkWURhenhCeCUyQkJ0dWtyNndlNXJEY3MlMkZqNU1SOHZUbWJiVHd1TXhvS1Ridng1RVRtbGtXVUpNbHFzUTZObnhEeFc0eHNxOW51M0d1Q09Jem5iazlKZTJVRSUyRnRicEhhMk1HQ3JvYzRlOElTOTQlMkJmNmpSa3hEMGpEc0Ix&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Gs_6cHxqdS9ncWQ4aUNocndUbTJZc3h0Y2xMK1IyYStEYlBsTUJPS3ltVE9VNC9hRjhpdU5aWlFhby9ma0RiYW1jc0xnZm44U2lzNVFMV2NaOS92cnFBeFhZb3FOSHNER21Gdk1OVFoyUDZERlpPUk8wWmdEdStTZzhVNmFGaU9FdFk3REpJSTlRU0RHMkhLQ1lOa2NFYmZna012Vm5VZEVkMlpHckZlbUcxUHZweXdsVCtPYTgrREJUSWVwcnB3U0FZWVZ6TXRwNmVrdmd5RlNHWXpaUEFoQ0taWWZ4UkFWZTdRTW95dTRFQ3A5bHcvVjZNN25EcW5vaFh0OTJsZlZJWGQ4b0IvK0N4U3JDcjVQMVo1SGl1eS9ucWN4cE1yVGQzdjl0azdzMWYzRzdJMD18&cppv=2

391 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 6EONEO5 Show response
link1s.com/ 25 KB
10 KB 4253ms
3722ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://link1s.com/6EONEO5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs / LarVPS

Resource Hash

800ed566011846e9e5b739affdd94833f0bb0c36b058657f99fc3a61585a8d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 18:22:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: fbs
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-hw: 1675794139.cds272.fr8.hn,1675794139.cds103.fr8.sc,1675794140.waf1-node01-fra02.stackpath.systems.-.wx,1675794140.cds103.fr8.p
x-powered-by: LarVPS
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 3 KB
840 B 57ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 18:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 18:21:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 18:22:23 GMT

GET
H2 200 styles.min.css
link1s.com/cloud_theme/build/css/ 191 KB
40 KB 4574ms
4574ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 56790de2716fb106cfc5fe644691d28a64f8a48b0f0fd323195a3d324e4d7567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/6EONEO5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:23 GMT
content-encoding: gzip
last-modified: Wed, 23 Jun 2021 02:58:02 GMT
server: fbs
etag: W/"60d2a33a-2fa30"
x-hw: 1675794143.cds272.fr8.hn,1675794143.cds327.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 40374

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 137ms
56ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129758818-7

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11df2dc07c63969d57ae27289c430fc5f630dd67616d73d73b02d0bb34c6340d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43922
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 18:22:28 GMT

GET
H2 200 aomini.js Show response
lv.adocean.pl/files/js/ 8 KB
4 KB 175ms
31ms Script
application/x-javascript 54.38.133.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/js/aomini.js
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ip13.ip-54-38-133.eu
Software: GAD /
Resource Hash: 97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:23 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 21:46:31 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "00001FCFAF20B624"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, must-revalidate, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3211
expires: Tue, 07 Feb 2023 22:22:23 GMT

GET
H2 200 logo1s.png
link1s.com/ 30 KB
30 KB 1644ms
1644ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1s.com/logo1s.png

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs / LarVPS

Resource Hash

a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/6EONEO5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 28 Feb 2021 03:13:41 GMT
server: fbs
etag: "603b0a65-7682"
x-download-options: noopen
x-powered-by: LarVPS
content-type: image/png
access-control-allow-origin: *
x-hw: 1675794148.cds272.fr8.hn,1675794148.cds108.fr8.c
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30338
x-xss-protection: 1; mode=block

GET
H2 200 ads.js Show response
link1s.com/js/ 191 B
318 B 4374ms
4373ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://link1s.com/js/ads.js
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/6EONEO5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:24 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 13:24:48 GMT
server: fbs
etag: "5d6e69a0-bf"
x-hw: 1675794144.cds272.fr8.hn,1675794144.cds218.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 160

GET
H2 200 script.min.js Show response
link1s.com/cloud_theme/build/js/ 202 KB
68 KB 1641ms
1641ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://link1s.com/cloud_theme/build/js/script.min.js?ver=6.4.0
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/6EONEO5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
server: fbs
etag: W/"5d6e69a2-32956"
x-hw: 1675794148.cds272.fr8.hn,1675794148.cds249.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 69405

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
900 B 75ms
25ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8d50c6fc61cdafc3970102e5c7ebbe5dd73e594a93dda5693751121b982facf8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580
x-xss-protection: 1; mode=block
expires: Tue, 07 Feb 2023 18:22:28 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
3 KB 155ms
13ms Script
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=5
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 70ee840253a7cb7c07edabed96e9a7cf14e2099c8ee00fc0e1bebd6628d773fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-nzt: AcO1qhEGqgP/CLsAAA
x-accel-expires: @1676351068
date: Tue, 07 Feb 2023 18:22:28 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 4c1562246055e438e496e263dab25814
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 47880

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 160 KB
20 KB 167ms
26ms Script
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8efb98d5b6710f1b4ea68608f2460312603e9ef40df965dda4ef131f6131ff4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-nzt: AcO1qhHdfHb/f7cAAA
x-accel-expires: @1676351973
date: Tue, 07 Feb 2023 18:22:28 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 4c1562246055e438e496e263fd256114
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 46975

GET
H2 200 ser.php Show response
ssp.web1s.com/ 2 KB
1 KB 186ms
90ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.web1s.com/ser.php?t=AADIV35&f=35&psc=

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

nginx / LarVPS

Resource Hash

77b71c8fcb2a0498210f38c4eca6c805ff7d7de400ae6ccd5beff7f250b5a88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
x-powered-by: LarVPS
x-download-options: noopen
x-hw: 1675794148.cds273.fr8.hn,1675794148.cds123.fr8.sc,1675794148.cds123.fr8.p
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 201ms
121ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f085181d0ec92ec4d3225415024e9faddd385d5c7c8b68f1f1f3b5af9ef204f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50037
x-xss-protection: 0
server: cafe
etag: 17452656862779745182
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 18:22:28 GMT

GET
H2

200

ad.js Show response
lv.adocean.pl/__/_1675794148/
Redirect Chain

https://lv.adocean.pl/_1675794148200/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200
https://lv.adocean.pl/__/_1675794148200/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200
https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1675794148%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DD1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7%2Fx...
https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1675794148%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DD1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7%...
https://lv.adocean.pl/__/_1675794148/ad.js?hclsdata=&hcudata=uuAQbug_0ckYKqIsSQ0f7hyblKK0ney9.jkTeEy4CXz.H7&id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200

58 KB
18 KB

32ms
32ms

Script
application/x-javascript

54.38.133.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/__/_1675794148/ad.js?hclsdata=&hcudata=uuAQbug_0ckYKqIsSQ0f7hyblKK0ney9.jkTeEy4CXz.H7&id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ip13.ip-54-38-133.eu
Software: GAD /
Resource Hash: 969e62eaa54e26c98a400bfbea54abfa2b626f540a1995cca6ed4c6b302979be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: gzip
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17798
expires: Mon, 06 Feb 2023 18:22:28 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://lv.adocean.pl/__/_1675794148/ad.js?hclsdata=&hcudata=uuAQbug_0ckYKqIsSQ0f7hyblKK0ney9.jkTeEy4CXz.H7&id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 06 Feb 2023 18:22:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
27ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 17:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4220
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 07 Feb 2023 19:12:08 GMT

GET
H2 200 Ae7yeot.gif
i.imgur.com/ 46 KB
47 KB 121ms
21ms Image
image/gif 199.232.16.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Ae7yeot.gif

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

81a21aa49d24881a8da8302aef6ed5877465508f4541f5209050a3289548a281

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2891687
x-cache: HIT, HIT
content-length: 47404
x-served-by: cache-iad-kjyo7100097-IAD, cache-vie6375-VIE
last-modified: Tue, 13 Dec 2022 06:00:07 GMT
server: cat factory 1.0
x-timer: S1675794148.497594,VS0,VE2
etag: "bd4590a459f8a3914fbfa0622800b6b5"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 24167, 1

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 127ms
28ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://link1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:21:12 GMT
x-content-type-options: nosniff
age: 10876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:21:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/ Frame BB1F 10 KB
5 KB 48ms
12ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 13:05:26 GMT
etag: 10353107486223812946
expires: Tue, 21 Feb 2023 13:05:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 49ms
48ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=970438936&t=pageview&_s=1&dl=https%3A%2F%2Flink1s.com%2F6EONEO5&ul=en-us&de=UTF-8&dt=Link1s.com%20-%20Best%20URL%20Shortener%20To%20Earn%20Money&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1054791458&gjid=1721077954&cid=657712977.1675794149&tid=UA-129758818-7&_gid=311395970.1675794149&_r=1&gtm=457e3210&z=365643782

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xgde.js Show response
adlv.hit.gemius.pl/gdejs/ 56 KB
20 KB 31ms
31ms Script
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/_1675794148200/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 243ff4b38ca5fe323056ea75585fb66ec3ed73293eac13e7d215376f1418eb4a

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 07:57:30 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "63D7786A0000E1021FE82885"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20061
expires: Wed, 08 Feb 2023 18:22:28 GMT

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1675794148836/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=63E296E411833636;/inner=%7C;/ 2 B
213 B 32ms
31ms Ping
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1675794148836/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=63E296E411833636;/inner=%7C;/extra=;
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://link1s.com
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Mon, 06 Feb 2023 18:22:28 GMT

GET
H2 200 / Show response
link1s.com/sbbi/ Frame D9DF 25 KB
11 KB 3950ms
3949ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=QA&sbbgs=h4f1d2a26bb25517911d65a0d9a2ce203670&ddl=-163
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 19258dc4303d934eb1a25b3194f9b45d2543e69d8cc3aa86a44535020f2c7620

Request headers

Referer: https://link1s.com/6EONEO5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 18:22:28 GMT
server: fbs
x-accel-expires: 0
x-hw: 1675794148.cds272.fr8.hn,1675794148.cds255.fr8.sc,1675794148.cdn2-wafbe01-fra1.stackpath.systems.-.i,1675794148.cds255.fr8.p

GET
H2 200 /
link1s.com/sbbi/ 43 B
252 B 3947ms
3947ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link1s.com/sbbi/?sbbpg=utMedia&vii=dh348fe17d227a72f6cbfb9295b5e1e7a9a1318d7615fa20cd194a621c7ef270o3p6p7p0
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/6EONEO5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
x-accel-expires: 0
date: Tue, 07 Feb 2023 18:22:28 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server: fbs
x-hw: 1675794148.cds272.fr8.hn,1675794148.cds279.fr8.sc,1675794148.waf1-node01-fra02.stackpath.systems.-.i,1675794148.cds279.fr8.p
content-type: image/gif

GET
H2 200 ser.php Show response
ssp.web1s.com/ 1 KB
693 B 56ms
56ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.web1s.com/ser.php?t=AADIV58&f=58&psc=

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

nginx / LarVPS

Resource Hash

a3767fe3074b34ca1d79cb9e6b862a69c047c51bb4cfad9379e553ef0f8eeb99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
x-powered-by: LarVPS
x-download-options: noopen
x-hw: 1675794148.cds273.fr8.hn,1675794148.cds290.fr8.sc,1675794148.cds290.fr8.p
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 ad.js Show response
lv.adocean.pl/_1675794148844/ 58 KB
18 KB 33ms
33ms Script
application/x-javascript 54.38.133.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/_1675794148844/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/js/aomini.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ip13.ip-54-38-133.eu
Software: GAD /
Resource Hash: 6234203b7fb9d740f58301e4ada2e695dc6feda41f4aab6943ed94b79052cb7c

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: gzip
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17801
expires: Mon, 06 Feb 2023 18:22:28 GMT

GET
H2 200 header.jpg
link1s.com/cloud_theme/build/img/ 32 KB
32 KB 3952ms
3952ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1s.com/cloud_theme/build/img/header.jpg

Requested by

Host: link1s.com
URL: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs / LarVPS

Resource Hash

fb6ea9089178b18c66e8110965f05a461c772ce16debb14c3e61d4bae3e6c3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 Jun 2020 06:00:41 GMT
server: fbs
etag: "5ee70e89-7e60"
x-download-options: noopen
x-powered-by: LarVPS
content-type: image/jpeg
access-control-allow-origin: *
x-hw: 1675794149.cds272.fr8.hn,1675794149.cds241.fr8.c
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 32352
x-xss-protection: 1; mode=block

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 30ms
29ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://link1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 588763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:49:45 GMT

GET
H2 200 fontawesome-webfont.woff2
link1s.com/cloud_theme/build/fonts/ 75 KB
76 KB 3992ms
3991ms Font
font/woff2 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://link1s.com/cloud_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: link1s.com
URL: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs / LarVPS

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Origin: https://link1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
server: fbs
etag: "5d6e69a2-12d68"
x-download-options: noopen
x-powered-by: LarVPS
content-type: font/woff2
access-control-allow-origin: *
x-hw: 1675794149.cds272.fr8.hn,1675794149.cds234.fr8.c
cache-control: max-age=3343
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block

GET
H2 200 f0e1efd3-353f-4ff1-b037-202b7bb3383d Show response
boot.pbstck.com/v1/tag/ Frame B18C 1 KB
701 B 81ms
47ms Script
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566b4487beba6a178a9503dbedc97d9b0d3104669a66a8cc8ba359469836a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-ray: 795e26b69884bbcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Show response
boot.pbstck.com/v1/tag/ Frame B18C 2 KB
872 B 79ms
44ms Script
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa134f24883f8e8e029bc8dd1347469302f386d59b9ec09fa4333029bb9e978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-ray: 795e26b69888bbcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame B18C 480 KB
138 KB 66ms
28ms Script
application/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: HjfY42wqSWw306GoqTYOLw==
age: 1930
x-ms-lease-status: unlocked
last-modified: Tue, 07 Feb 2023 13:49:35 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a6bdd7c9-a01e-0005-23fb-3a2d4c000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 795e26b6ad929295-FRA
expires: Tue, 07 Feb 2023 22:22:28 GMT

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1675794148923/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=63E296E411833636;/inner=%7C;/ 2 B
172 B 33ms
32ms Ping
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1675794148923/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=63E296E411833636;/inner=%7C;/extra=;
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://link1s.com
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Mon, 06 Feb 2023 18:22:28 GMT

GET
H2 200 ad.js Show response
lv.adocean.pl/_1675794148924/ 58 KB
18 KB 34ms
34ms Script
application/x-javascript 54.38.133.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/_1675794148924/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/js/aomini.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ip13.ip-54-38-133.eu
Software: GAD /
Resource Hash: fcb437012afe81a3f45af51fdb3b2f28cf09ed1c274d33fe5551d764babffac9

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: gzip
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17801
expires: Mon, 06 Feb 2023 18:22:28 GMT

GET
H2 200 f0e1efd3-353f-4ff1-b037-202b7bb3383d Show response
boot.pbstck.com/v1/tag/ Frame 1D4F 1 KB
702 B 52ms
51ms Script
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da5109bd07618648105067c223b4d26ae424d5ef45a164cdc1733def34ca2d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-ray: 795e26b6d8dbbbcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Show response
boot.pbstck.com/v1/tag/ Frame 1D4F 2 KB
719 B 41ms
40ms Script
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ccc96d34716c152bc85fc7a61c3d5b116119e7796e32783fd8470cf364bda9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-ray: 795e26b6d8e0bbcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 1D4F 480 KB
138 KB 24ms
23ms Script
application/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: HjfY42wqSWw306GoqTYOLw==
age: 1930
x-ms-lease-status: unlocked
last-modified: Tue, 07 Feb 2023 13:49:35 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a6bdd7c9-a01e-0005-23fb-3a2d4c000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 795e26b6ddd99295-FRA
expires: Tue, 07 Feb 2023 22:22:28 GMT

GET
H2 200 xgde.html Show response
adlv.hit.gemius.pl/gdejs/ Frame 3778 303 B
315 B 57ms
57ms Document
text/html 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.html
Requested by: Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 215
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 18:22:28 GMT
etag: "5996D7A50000012F9178E011"
expires: Wed, 08 Feb 2023 18:22:28 GMT
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin

GET
H2 200 index-monitoring-301583c.js Show response
cdn.pbstck.com/ Frame B18C 183 KB
50 KB 56ms
25ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/index-monitoring-301583c.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 628df093648df73d0dbff4905ba7262d40e4e70bead5b3ae73ab4634965719fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 563722
x-guploader-uploadid: ADPycdtbKFHwhj8clUX7EbJJyecY3rBvlkr0sNPOa8rvImH-_q1RSYF6gOVtCPOdOZcGMdQDVIA14P1IV0kAuLgsdNMVzg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Dec 2022 16:22:05 GMT
server: cloudflare
etag: W/"2792a8f5102a28ea35670b4c11d66b7d"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1670862125732888
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=K58Y6w==, md5=J5Ko9RAqKOo1ZwtMEdZrfQ==
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 50705
cf-ray: 795e26b71b5d3722-FRA
expires: Wed, 08 Feb 2023 05:10:34 GMT

GET
H2 200 index-refresh-301583c.js Show response
cdn.pbstck.com/ Frame B18C 148 KB
42 KB 48ms
18ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/index-refresh-301583c.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad1075241aa892fe10fd2f06072fd9d2d88bc4f51e6bd32bcc8444d5997a1153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 563722
x-guploader-uploadid: ADPycdu6DNiq3GnFa--JIe7wh5YM2j11RqluNrw4B_6-vEcmr7vn9GcS0ShboGlu-JKad3OFhkRGosH2biZTW-7WF4AYUmGWfyIq
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Dec 2022 16:22:09 GMT
server: cloudflare
etag: W/"4bfc9434348caf53e03a05f3e7b5a6e3"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1670862129104500
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=krrFFQ==, md5=S/yUNDSMr1PgOgXz57Wm4w==
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 41934
cf-ray: 795e26b71b5f3722-FRA
expires: Wed, 08 Feb 2023 05:30:55 GMT

GET
H2 200 collector-6ca1a84.js Show response
cdn.pbstck.com/ Frame B18C 148 KB
41 KB 58ms
29ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/collector-6ca1a84.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e6a1c600a90557e1817df308d3c117be294c1846e41349e2219901ea38216b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 90871
x-guploader-uploadid: ADPycdttufTAMCHKuo2LvNlosy1gX8qgR9rcOTdyU1HzASRQUtjC3PQTJZLZMkGwOLRVBpdn6cBmgMzZJAeslASdLq27
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Feb 2023 16:57:38 GMT
server: cloudflare
etag: W/"98b6f581c22df56ab9068dd3ef7d0b02"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1675702658310399
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=ByGhZA==, md5=mLb1gcIt9Wq5Bo3T730LAg==
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 40675
cf-ray: 795e26b71b633722-FRA
expires: Mon, 13 Feb 2023 16:58:11 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 54ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://link1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Feb 2023 18:22:28 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 515543
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame B18C 483 B
1 KB 43ms
13ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1905521
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bsc6icDYxCu1oGgFNI7P6NOlDWT96%2BFze6NkyTD0w8HRat1mCZiuCq2wi7ePJPpv9%2BbLTWbIdk3mEiu7D6KznDIU0Drt%2F6bm4d9reK82O85OMlfg0ctw0gkQBTgeynGMGV%2Bazy%2FHz4PdUTGA"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 795e26b75cf99244-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame B18C
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=7Bh8CXwyWFZmT2kyQVFmSWlXVzhuVzdobG45QXFGQTk1VGFScjJpWGlvUGtBQ1hNYnZpc2VPQ2ZrZitaeXRXZFlBSEk1VGE3eGFtdHJMZmdSellkMWxZR3hkMzgvYlJMUjN1L0ZkZHlublNLdHpXK2draVFiam9sUEJNOF...

359 B
645 B

43ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7Bh8CXwyWFZmT2kyQVFmSWlXVzhuVzdobG45QXFGQTk1VGFScjJpWGlvUGtBQ1hNYnZpc2VPQ2ZrZitaeXRXZFlBSEk1VGE3eGFtdHJMZmdSellkMWxZR3hkMzgvYlJMUjN1L0ZkZHlublNLdHpXK2draVFiam9sUEJNOFdwVHVOTzVmbUdnMU00ZElOa0RBZkpsZVBZRUJRdjZ5MlJ6Qlhsc21uNXJHNVJXV1lRV0ZaNGtZTUxVbk1LaHMzUTRjblpvK0V2ZTVFZUlVb3JDeC9tWGUwdk1jK2ZCNkJtQWFrdlZzcldMZFh1RGt6U0N3PXw&cppv=2

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8e7617df8229ae6b8cf230e8c5381f94bc3974b6df2e76e6e31753d7ffd03b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1056658
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=7Bh8CXwyWFZmT2kyQVFmSWlXVzhuVzdobG45QXFGQTk1VGFScjJpWGlvUGtBQ1hNYnZpc2VPQ2ZrZitaeXRXZFlBSEk1VGE3eGFtdHJMZmdSellkMWxZR3hkMzgvYlJMUjN1L0ZkZHlublNLdHpXK2draVFiam9sUEJNOFdwVHVOTzVmbUdnMU00ZElOa0RBZkpsZVBZRUJRdjZ5MlJ6Qlhsc21uNXJHNVJXV1lRV0ZaNGtZTUxVbk1LaHMzUTRjblpvK0V2ZTVFZUlVb3JDeC9tWGUwdk1jK2ZCNkJtQWFrdlZzcldMZFh1RGt6U0N3PXw&cppv=2
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 624701
content-length: 0
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame B18C 216 B
620 B 60ms
15ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

991e60adbc55433855ce64759668e08bbd8eb16c0cc809f5d21e7ab4e162e5b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
date: Tue, 07 Feb 2023 18:22:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C7CC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

92ms
11ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Feb 2023 18:22:29 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 07 Feb 2023 18:22:29 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

GET
H2 200 xgde.js Show response
adlv.hit.gemius.pl/gdejs/ Frame 3778 56 KB
20 KB 33ms
32ms Script
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 243ff4b38ca5fe323056ea75585fb66ec3ed73293eac13e7d215376f1418eb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adlv.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 07:57:30 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "63D7786A0000E1021FE82885"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20061
expires: Wed, 08 Feb 2023 18:22:29 GMT

GET
H2 200 xgde.js Show response
adlv.hit.gemius.pl/gdejs/ 56 KB
20 KB 32ms
32ms Script
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/_1675794148924/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 243ff4b38ca5fe323056ea75585fb66ec3ed73293eac13e7d215376f1418eb4a

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 07:57:30 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "63D7786A0000E1021FE82885"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20061
expires: Wed, 08 Feb 2023 18:22:29 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 17ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://link1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Feb 2023 18:22:28 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 575653
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 1D4F 483 B
1015 B 17ms
16ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1905521
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdLSaGaiDtnX6DwjfKPyxfMZM2mChLQK53SMPlJCozx3UNjuElCEHYH9Fl%2F2e3E8H3VYcFVgH6vC4ttHGA5i96v2h3GX9czJ9KunwDZJNh505j2edaVHWFqCxzF3kvebYDib7VRc4qwtTfTp"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 795e26b7bd9a9244-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1D4F
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=tzJFjXxXZ3FYZ0I2ZiszTHZnUFNLVWhrN2l0RDV3Tjd5VllvTHNwMnhaalBMbWxmYWZSY0JZdXowNlJhWlZHN2FFa2g5MmNiNGRvYVVNblhoUFBvbTJBUDZnZHBQQStMOHZ1NElEU1o5dFRDcy9KUlpoOXBWZlBYOFJ1QT...

362 B
650 B

45ms
19ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tzJFjXxXZ3FYZ0I2ZiszTHZnUFNLVWhrN2l0RDV3Tjd5VllvTHNwMnhaalBMbWxmYWZSY0JZdXowNlJhWlZHN2FFa2g5MmNiNGRvYVVNblhoUFBvbTJBUDZnZHBQQStMOHZ1NElEU1o5dFRDcy9KUlpoOXBWZlBYOFJ1QTBvOUV1bHRQKy9uNGhQeEdoeHJHMUF4b0tZcHVPTldnK2NUclR3Y0IyS2ZDUWp1K0I4d0UybFk0QUpJckxIRDU0NW1ldDRaVmdtV0lpamtScnVOUGwrRlc5ek9rZWl0VnM2Snd2dXBIRVUxYkpXSDhBY0hZPXw&cppv=2

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8bc68e3cc95c7d1d23cd1dae9d9c086a74d8f24ea564421ce41e35115f8f2278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1507624
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=tzJFjXxXZ3FYZ0I2ZiszTHZnUFNLVWhrN2l0RDV3Tjd5VllvTHNwMnhaalBMbWxmYWZSY0JZdXowNlJhWlZHN2FFa2g5MmNiNGRvYVVNblhoUFBvbTJBUDZnZHBQQStMOHZ1NElEU1o5dFRDcy9KUlpoOXBWZlBYOFJ1QTBvOUV1bHRQKy9uNGhQeEdoeHJHMUF4b0tZcHVPTldnK2NUclR3Y0IyS2ZDUWp1K0I4d0UybFk0QUpJckxIRDU0NW1ldDRaVmdtV0lpamtScnVOUGwrRlc5ek9rZWl0VnM2Snd2dXBIRVUxYkpXSDhBY0hZPXw&cppv=2
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 543708
content-length: 0
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 1D4F 216 B
620 B 14ms
14ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

ffe904d4afa3bcc2777589cd235c2f06bc6f01a296cf3220eedf5ff474a4cad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
date: Tue, 07 Feb 2023 18:22:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 84CC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

55ms
9ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Feb 2023 18:22:29 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 07 Feb 2023 18:22:29 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

GET
H2 200 index-monitoring-301583c.js Show response
cdn.pbstck.com/ Frame 1D4F 183 KB
50 KB 22ms
21ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/index-monitoring-301583c.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 628df093648df73d0dbff4905ba7262d40e4e70bead5b3ae73ab4634965719fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 563723
x-guploader-uploadid: ADPycdtbKFHwhj8clUX7EbJJyecY3rBvlkr0sNPOa8rvImH-_q1RSYF6gOVtCPOdOZcGMdQDVIA14P1IV0kAuLgsdNMVzg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Dec 2022 16:22:05 GMT
server: cloudflare
etag: W/"2792a8f5102a28ea35670b4c11d66b7d"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1670862125732888
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=K58Y6w==, md5=J5Ko9RAqKOo1ZwtMEdZrfQ==
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 50705
cf-ray: 795e26b7cc7c3722-FRA
expires: Wed, 08 Feb 2023 05:10:34 GMT

GET
H2 200 index-refresh-301583c.js Show response
cdn.pbstck.com/ Frame 1D4F 148 KB
41 KB 17ms
16ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/index-refresh-301583c.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad1075241aa892fe10fd2f06072fd9d2d88bc4f51e6bd32bcc8444d5997a1153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 563723
x-guploader-uploadid: ADPycdu6DNiq3GnFa--JIe7wh5YM2j11RqluNrw4B_6-vEcmr7vn9GcS0ShboGlu-JKad3OFhkRGosH2biZTW-7WF4AYUmGWfyIq
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Dec 2022 16:22:09 GMT
server: cloudflare
etag: W/"4bfc9434348caf53e03a05f3e7b5a6e3"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1670862129104500
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=krrFFQ==, md5=S/yUNDSMr1PgOgXz57Wm4w==
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 41934
cf-ray: 795e26b7cc7f3722-FRA
expires: Wed, 08 Feb 2023 05:30:55 GMT

GET
H2 200 collector-6ca1a84.js Show response
cdn.pbstck.com/ Frame 1D4F 148 KB
41 KB 19ms
18ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/collector-6ca1a84.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e6a1c600a90557e1817df308d3c117be294c1846e41349e2219901ea38216b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 90872
x-guploader-uploadid: ADPycdttufTAMCHKuo2LvNlosy1gX8qgR9rcOTdyU1HzASRQUtjC3PQTJZLZMkGwOLRVBpdn6cBmgMzZJAeslASdLq27
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Feb 2023 16:57:38 GMT
server: cloudflare
etag: W/"98b6f581c22df56ab9068dd3ef7d0b02"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1675702658310399
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=ByGhZA==, md5=mLb1gcIt9Wq5Bo3T730LAg==
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 40675
cf-ray: 795e26b7cc823722-FRA
expires: Mon, 13 Feb 2023 16:58:11 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 121ms
25ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://link1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 07 Feb 2023 18:22:29 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame B18C 275 B
487 B 274ms
244ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eaee741cff05047dc7513ffacf9c11ab52c277383f407cdc67d8d8f66991247

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCCpSfGzfhJhQw3nkX971fPDUH02%2FGiN1ePhttSVNOOvlYV0bfIHuERZt0lmJv%2F3YvTQBzpEh8kI1MAwsOkqDdsm5xSy%2BRunZhg3WyrR5h1E9ugJgt2gO1VeZ0tJOtAbHDxDX8zsMHjFWRn05Twlke49kEiz"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 795e26b81ee5371c-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame B18C 236 B
734 B 116ms
87ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6189f05898a5cf28b322192f64300908af500310a614a725ec7e9356c1af4dd

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.234.0-3-gde6ed827
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrkYd1iZHb200dEA0uV%2FoMgNSYFaDYQAy1xMr2e%2Bnb9tpff%2FI4Nn%2FEOk1e%2FnRmw3PunBHFHcjfGGNcfRu6331E2KIcj%2BrVZgM1M8pQT1drj9Vhr8K%2FlPFOcUbKMSPR%2Bc7NCw9jpATYDeP1vqgNydTXl%2BJDa5"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 795e26b81ee6371c-FRA
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame B18C 0
20 B 280ms
88ms XHR
text/plain 145.40.88.5
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 07 Feb 2023 18:22:28 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://link1s.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 200 prebid Show response
mp.4dex.io/ Frame B18C 114 B
600 B 53ms
27ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d6060ea8e4b47ae87e9df3f019c545bdeb4dfa508ec82c748aa997015274e4

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-sc-4971-if180-gcp-ams
date: Tue, 07 Feb 2023 18:22:29 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: div-custom-ad-1675794148859-0, Process Seats Booster. unable to get the seat booster engine for organization: 1053
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 795e26b8182f9a15-FRA
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame B18C 0
404 B 126ms
77ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B18C 0
56 B 540ms
207ms XHR
text/plain 204.237.133.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 Ambler, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
date: Tue, 07 Feb 2023 18:22:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B18C 0
211 B 739ms
246ms XHR
text/plain 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=11872542204

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame B18C 2 KB
2 KB 144ms
88ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e15bd32ecd9207cb94bfdeda3d2388722b8eaad56adbb03cae97d04bb847474f

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:29 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1983
Expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame B18C 0
173 B 54ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
date: Tue, 07 Feb 2023 18:22:29 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame B18C 2 B
906 B 141ms
14ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B18C 139 B
945 B 57ms
7ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2ba03f0403679507b35a2853531e10ccfd33d8460d72db2cf841d3ad79b44a4e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:29 GMT
AN-X-Request-Uuid: 57f63503-22c7-4037-bfec-466a4704f803
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame B18C 15 B
358 B 52ms
15ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://link1s.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 51ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Feb 2023 18:22:28 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 385071
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 84CC 33 KB
10 KB 78ms
78ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07bdb215b4725fdc08a3aa5ef110a97212da1ec587f838d0d2ebdc145fe7513f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 04:39:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37007
Connection: keep-alive
Content-Length: 10006
Expires: Wed, 08 Feb 2023 04:39:16 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C7CC 33 KB
10 KB 178ms
177ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07bdb215b4725fdc08a3aa5ef110a97212da1ec587f838d0d2ebdc145fe7513f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 04:39:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37007
Connection: keep-alive
Content-Length: 10006
Expires: Wed, 08 Feb 2023 04:39:16 GMT

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 1D4F 275 B
511 B 80ms
79ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eaee741cff05047dc7513ffacf9c11ab52c277383f407cdc67d8d8f66991247

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ba4HWBu12n1J5OxBpTN389kAuw95yHo%2Bf8soBbOVwZz4uG1dLD9bDvx15UKihDVxhx%2BdcU%2BnyOWP8QsDVDjJoz%2B8z8Wvuxhl5YtR1X1Cc5RcNoS7dLAGiS7tbVQof2iSdLPqCpwMm5kEPiNuWrgmqPUXWhaG"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 795e26b87faa371c-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 1D4F 237 B
479 B 184ms
184ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d90400d1829d603aced4e20d203f6653fdb28061b1fac75776e00224c13a1b

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.234.0-3-gde6ed827
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FM0UPyCySMQaQGXS70H2bH3zjkc4LzvEh6IOcklO2xckikS2sllh05GqPkvYLRhOBXl54ENWLu8P47DngRc3HEPwZKlM1t41wwpfRntxd8WK%2BrPor9GO9NWY4o9x6XZhvbBq1KgKjImnIyqUq3Z6tOezWjT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 795e26b87fac371c-FRA
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1D4F 0
212 B 597ms
194ms XHR
text/plain 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=66684173553

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 1D4F 0
166 B 184ms
88ms XHR
text/plain 145.40.88.5
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 07 Feb 2023 18:22:28 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://link1s.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 1D4F 2 KB
2 KB 101ms
73ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e9997d651343a9a81e233f3527a1e5935c0a801c6338310ca1d1e031637fd12

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:29 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1983
Expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1D4F 15 B
357 B 16ms
14ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://link1s.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1D4F 0
112 B 399ms
160ms XHR
text/plain 204.237.133.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 Ambler, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
date: Tue, 07 Feb 2023 18:22:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 1D4F 2 B
906 B 52ms
15ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1D4F 15 KB
6 KB 86ms
86ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

59ffef33f33fcefc350de23b9fe8e788056dc0a17251b149281fd220d1a40453

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1ac291af-5aa2-42c3-9851-29790fe0554f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1D4F 0
172 B 19ms
18ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
date: Tue, 07 Feb 2023 18:22:29 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 1D4F 114 B
295 B 27ms
27ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c3832e9c25021f23e5d62fd7540248aefaa10e31af5e05b10d8b585945584a9

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-sc-4971-if200-gcp-ams
date: Tue, 07 Feb 2023 18:22:29 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 7 inventory rules not found for mediatype: banner and adUnitCode: div-custom-ad-1675794148927-0, Process Seats Booster. unable to get the seat booster engine for organization: 1053
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 795e26b888be9a15-FRA
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 1D4F 0
405 B 119ms
71ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 24ms
24ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://link1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 07 Feb 2023 18:22:29 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame B18C 74 KB
23 KB 42ms
27ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 571873
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WaoQ3h5eed3Ut9p%2BeIcAGi2TLUT7l1T4hwGYbphx7MyU%2BhnvDE0GvitJmNheGKNdOOkjCkygV6My1YfA7gZ2YmOZWVk0PvwW4pedFJDofl5jmkAFR2ilFOrQMeATvIKe2hzzEdNi0Xab%2BMm"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 795e26b8a988380e-FRA

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1675794149214/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=63E296E411833636;/inner=%7C;/ 2 B
195 B 31ms
30ms Ping
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1675794149214/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=63E296E411833636;/inner=%7C;/extra=;
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://link1s.com
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Mon, 06 Feb 2023 18:22:29 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 16ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Feb 2023 18:22:28 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 573670
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 footer.jpg
link1s.com/cloud_theme/build/img/ 18 KB
18 KB 3656ms
3655ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link1s.com/cloud_theme/build/img/footer.jpg
Requested by: Host: link1s.com
URL: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 4490d0650e3dfb1cbad3fff7bd9d56e557e3894956c4ba05900723803fab21ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
last-modified: Mon, 15 Jun 2020 06:02:55 GMT
server: fbs
etag: "5ee70f0f-4884"
x-hw: 1675794149.cds272.fr8.hn,1675794149.cds275.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 18564

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 1D4F 74 KB
23 KB 15ms
15ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 571873
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COp8rv%2B8GzkLq9uNHaE%2FyXOKRiX40S3otQsvo%2BjRcXG9zGMf3KvNGqWkvrzgIXroquB0wC9xShVlOb255fkw8JFg9G3PqQy5pMq7fbJWy%2FwSR36FpYWgAJiMUFLpnJZNcv1aOB%2FcwEZ%2FPBwo"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 795e26b91a32380e-FRA

GET
H2 200 f0e1efd3-353f-4ff1-b037-202b7bb3383d Show response
boot.pbstck.com/v1/tag/ Frame 528D 1 KB
724 B 40ms
39ms Script
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f996a242105e9c09bc683f79ca9a344be26794c799276c127028acb445083d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-ray: 795e26b91ce8bbcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Show response
boot.pbstck.com/v1/tag/ Frame 528D 2 KB
719 B 51ms
51ms Script
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7a356494be8b4650ed08e788996c2c18f12cc04def182ec104f19cd249c3ad7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-ray: 795e26b91cedbbcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 528D 480 KB
138 KB 24ms
23ms Script
application/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: HjfY42wqSWw306GoqTYOLw==
age: 1931
x-ms-lease-status: unlocked
last-modified: Tue, 07 Feb 2023 13:49:35 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a6bdd7c9-a01e-0005-23fb-3a2d4c000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 795e26b9184f9295-FRA
expires: Tue, 07 Feb 2023 22:22:29 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 1D4F 43 B
106 B 81ms
27ms Image
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 gemius.js Show response
adlv.hit.gemius.pl/ Frame 3778 64 KB
17 KB 33ms
32ms Script
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gemius.js
Requested by: Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: d69577de73b1b6f7ee6f71a6363e3b94dc6d51f608170374f65f29881ddb6910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adlv.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 15:19:30 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17012
expires: Wed, 08 Feb 2023 06:22:29 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 84CC 284 B
536 B 58ms
9ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 collector-6ca1a84.js Show response
cdn.pbstck.com/ Frame 528D 148 KB
42 KB 17ms
16ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/collector-6ca1a84.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e6a1c600a90557e1817df308d3c117be294c1846e41349e2219901ea38216b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 90746
x-guploader-uploadid: ADPycdt9D4I9hxCtlfbe4dM_Cc0hWtB59W9ym6DG8YgsRPZcAwKfBCTCnHPnYZyAGYLxP6_xts0k1QAFx_z7iwDTSHb9QiwywHoL
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Feb 2023 16:57:38 GMT
server: cloudflare
etag: W/"98b6f581c22df56ab9068dd3ef7d0b02"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1675702658310399
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=ByGhZA==, md5=mLb1gcIt9Wq5Bo3T730LAg==
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 40675
cf-ray: 795e26b959ab37fd-FRA
expires: Mon, 13 Feb 2023 16:58:12 GMT

GET
H3 200 index-monitoring-301583c.js Show response
cdn.pbstck.com/ Frame 528D 183 KB
51 KB 32ms
32ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/index-monitoring-301583c.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 628df093648df73d0dbff4905ba7262d40e4e70bead5b3ae73ab4634965719fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 570871
x-guploader-uploadid: ADPycdsnG7HW-9djqYB75TK6pUS3rQtESh2KbJNp7R8VFft7s3NrmD3O88h8x_Ynqw0S3I7mlmjXnC1p34UqSTOMjXwbpGfMu9j8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Dec 2022 16:22:05 GMT
server: cloudflare
etag: W/"2792a8f5102a28ea35670b4c11d66b7d"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1670862125732888
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=K58Y6w==, md5=J5Ko9RAqKOo1ZwtMEdZrfQ==
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 50705
cf-ray: 795e26b969c737fd-FRA
expires: Wed, 08 Feb 2023 03:31:02 GMT

GET
H3 200 index-refresh-301583c.js Show response
cdn.pbstck.com/ Frame 528D 148 KB
42 KB 25ms
24ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/index-refresh-301583c.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad1075241aa892fe10fd2f06072fd9d2d88bc4f51e6bd32bcc8444d5997a1153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 570871
x-guploader-uploadid: ADPycdvh8FMUnCWXrd6MLaGgBAN9MU5oEug48h3GlTyqLywV8C5JivnZvJ3Z_m_X2x5jMgoa2hUU7niHR6_LVlPQzyJErA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Dec 2022 16:22:09 GMT
server: cloudflare
etag: W/"4bfc9434348caf53e03a05f3e7b5a6e3"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1670862129104500
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=krrFFQ==, md5=S/yUNDSMr1PgOgXz57Wm4w==
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 41934
cf-ray: 795e26b969c837fd-FRA
expires: Wed, 08 Feb 2023 03:42:40 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 528D 483 B
1 KB 12ms
12ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1905521
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9JPaszn1B6qjWnZ5%2BLHqDYKuip1MWdTrBQGIqtc55wE8ybYy6Pms7Uh37LH%2BT%2BrF%2B0kuN4wgVq5cLwraS8CK86X4kN2l29GBrhHAVh1fxqRasyCqnrxdTpck96LRIu3MKmRXJVJsnmtzGu%2F"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 795e26b9b83f9244-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 528D
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&bundle=cWOzfV8yVmVYZ0VkWURhenhCeCUyQkJ0dWtyNnpQNkR5UUtFMGo2JTJGZGZZOWNmVXljSjdsWE8lMkZoMG5YSDVOWWh...
https://mug.criteo.com/sid?cpp=HrhxGXxuSkcxcUF5ZDJQSm55d3dTbTI2OVJDd0J4M3QxRDlYVjBoRFpNOEd0Wityd2V0SmpuenhTS3NmTVdrZjVLS25CdDFWTEorUlBFQ09sRjBOZ0k4Vnl2N2MzWmtGNVY0dWpvRFNBY0RxSExzcmFZZ3dFU2JnRU1OY1...

365 B
654 B

28ms
28ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=HrhxGXxuSkcxcUF5ZDJQSm55d3dTbTI2OVJDd0J4M3QxRDlYVjBoRFpNOEd0Wityd2V0SmpuenhTS3NmTVdrZjVLS25CdDFWTEorUlBFQ09sRjBOZ0k4Vnl2N2MzWmtGNVY0dWpvRFNBY0RxSExzcmFZZ3dFU2JnRU1OY1ZxNHB5a2l4SFdRdUxWR1htL1JlNm1tNnE2YXo3c3lYRHdQOTgvSnI0N0JkcGk0Nm5acGpVZ3p3eEFRM2pBOVVCc1J0SkNYaU1oT2lST1RrUXRZb3ArM3RFN3d5YVg4Q1d2bUMrSWE0YXV2eHJNekVscmszemJEa1RNdzFRbzRKd1NXM1lhdFhHfA&cppv=2

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d462c5f4590dfe368ec05d589ecb5646a674fe8319438384d960f88fa550c5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1937435
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=HrhxGXxuSkcxcUF5ZDJQSm55d3dTbTI2OVJDd0J4M3QxRDlYVjBoRFpNOEd0Wityd2V0SmpuenhTS3NmTVdrZjVLS25CdDFWTEorUlBFQ09sRjBOZ0k4Vnl2N2MzWmtGNVY0dWpvRFNBY0RxSExzcmFZZ3dFU2JnRU1OY1ZxNHB5a2l4SFdRdUxWR1htL1JlNm1tNnE2YXo3c3lYRHdQOTgvSnI0N0JkcGk0Nm5acGpVZ3p3eEFRM2pBOVVCc1J0SkNYaU1oT2lST1RrUXRZb3ArM3RFN3d5YVg4Q1d2bUMrSWE0YXV2eHJNekVscmszemJEa1RNdzFRbzRKd1NXM1lhdFhHfA&cppv=2
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 746148
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 27ms
27ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&bundle=cWOzfV8yVmVYZ0VkWURhenhCeCUyQkJ0dWtyNnpQNkR5UUtFMGo2JTJGZGZZOWNmVXljSjdsWE8lMkZoMG5YSDVOWWhVUVBqRERzS2IyN3hhdVZrRWJBdmpPNlZ1Q0U0MzJuNyUyQjhJaTNmMWpWOTlzSG44RlNrVEtqOVoyRmxzSlhreFJFS1BkbTlB&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://link1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Feb 2023 18:22:28 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 676389
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 84D7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

192ms
192ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Feb 2023 18:22:29 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 07 Feb 2023 18:22:29 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

GET
H2 200 cookie
cm.adform.net/ Frame B18C 43 B
105 B 26ms
26ms Image
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C7CC 284 B
536 B 9ms
9ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 24ms
24ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://link1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 07 Feb 2023 18:22:29 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 528D 275 B
490 B 26ms
25ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eaee741cff05047dc7513ffacf9c11ab52c277383f407cdc67d8d8f66991247

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6h%2FT65F9r8O9N8Hd7OLImkdGTmIhH2vM4G0LhamMQiK4MmIuAYKk6QPgvmMv7Tv2H%2FAacvuXxnv9P2LDUcGAs7gp%2FKbeUwzkXm%2F%2FdhkcelB7kty3E4U6xUdPIPHdzb09peOVpyk5xrWT9AKJMUHf1re9j22"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 795e26ba39df371c-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 528D 236 B
481 B 117ms
117ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83e75d1df5ce7fe326196e0494317e434153a1c25b6786a9ec676c6e302bd04

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.234.0-3-gde6ed827
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6l%2Bwc6wmVB58UISf3xXOGF0NB6C8BtbK%2F4ulJv1wmHPnUvSfsor52SxJZj8ciezZAMSNphvncxKnKnEdGUmi6MaLRQ27N0Q%2FFpOm%2F8piUGG7AQ1lcDH4DgkVvRJ5Mwtqc%2Bf5JwUbOry74mG2CVU3mm5HS2Sw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 795e26ba39e4371c-FRA
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 528D 0
211 B 383ms
260ms XHR
text/plain 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=64637343763

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 528D 15 KB
8 KB 245ms
244ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

558db525f765f6ef667db94de5e0c1c3747ea20cc7d26983587ad607c0b9631f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2d114ca2-9d73-483f-8687-6f43ca27b4d4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 528D 0
18 B 87ms
87ms XHR
text/plain 145.40.88.5
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 07 Feb 2023 18:22:28 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://link1s.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 528D 0
404 B 72ms
72ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 528D 15 B
357 B 15ms
15ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://link1s.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 528D 2 KB
2 KB 72ms
72ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 562ffbe0429a2fba75097d2da54772d0d76ea731401f2575d5a00ca48649f21f

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:29 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1982
Expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 528D 0
56 B 189ms
189ms XHR
text/plain 204.237.133.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 Ambler, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
date: Tue, 07 Feb 2023 18:22:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 528D 2 B
300 B 19ms
19ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 528D 0
172 B 17ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://link1s.com
date: Tue, 07 Feb 2023 18:22:29 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 528D 99 B
261 B 26ms
26ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0612c128c32bd7d8aa589e9009f764fd99c6601862151fd1ea82c30d436b6f

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-sc-4971-if180-gcp-ams
date: Tue, 07 Feb 2023 18:22:29 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 7 inventory rules not found for mediatype: banner and adUnitCode: div-custom-ad-1675794149288-0, Process Seats Booster. unable to get the seat booster engine for organization: 1053
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 795e26ba4acc9a15-FRA
expires: 0

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 84CC 0
239 B 86ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 3AA7 5 KB
3 KB 130ms
28ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: f18e048b4900819c423ca58a8c364bc235365adc821776269c4dd1d67268e4ea

Request headers

Referer: https://adlv.hit.gemius.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2720
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 18:22:29 GMT
etag: PRIVATE7520710249
expires: Thu, 09 Mar 2023 18:22:29 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 15ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Feb 2023 18:22:29 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 474452
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 528D 74 KB
23 KB 16ms
16ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 571873
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gteg%2FVrgPf5FOsgKjEX%2FmB967Z075LF9fDUFHsEqJDXdlNapDabLkY3HXWyxYUYVn7xNYNpAXiBt9Qa97%2FZaKZcb6qLixbpcRNseKMkXODFebfrGoRdg0ArVhiKUR6TCOGSAc%2FurN9ybEZ%2BC"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 795e26ba6bd3380e-FRA

GET
H2 200 cookie
cm.adform.net/ Frame 528D 43 B
105 B 26ms
26ms Image
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 84CC 0
214 B 11ms
10ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=36584
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 84CC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RqwCh1lLQ8aVjU-x231KFg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RqwCh1lLQ8aVjU-x231KFg

43 B
479 B

107ms
105ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RqwCh1lLQ8aVjU-x231KFg

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PDPKKQMC7BJR3MR1C1M0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RqwCh1lLQ8aVjU-x231KFg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 84CC 70 B
265 B 106ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 84CC 0
214 B 21ms
9ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 84CC
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=

95 B
164 B

154ms
153ms

Image
image/png

35.227.197.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Server

35.227.197.177 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.197.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
content-type: image/png

Redirect headers

date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

204
No Content

esync
token.rubiconproject.com/ Frame 84CC
Redirect Chain

https://id.rlcdn.com/709414.gif
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

0
214 B

9ms
8ms

Image
text/plain

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 07 Feb 2023 18:22:29 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 84CC
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID
https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=1897824813687407767

0
239 B

37ms
10ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=1897824813687407767
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4fc11751-7c61-446f-b590-c251b66ac7d8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=1897824813687407767
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 84CC
Redirect Chain

https://s.company-target.com/s/rp
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=3fa0b30c-b408-46d3-983d-4728a962a37a

0
239 B

10ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=3fa0b30c-b408-46d3-983d-4728a962a37a
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 07 Feb 2023 18:22:29 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.rubiconproject.com
location: https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=3fa0b30c-b408-46d3-983d-4728a962a37a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 84D7 33 KB
10 KB 144ms
144ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07bdb215b4725fdc08a3aa5ef110a97212da1ec587f838d0d2ebdc145fe7513f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 04:39:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37007
Connection: keep-alive
Content-Length: 10006
Expires: Wed, 08 Feb 2023 04:39:16 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 3778
Redirect Chain

https://adlv.hit.gemius.pl/dataredir?rid=xnjrkiktyj&url=pixel-eu.onprospects.com%2F%3Fpartner%3D254%26mapped%3DHCUDATA%26gdpr%3D0%26gdpr_consent%3D
https://pixel-eu.onprospects.com/?partner=254&mapped=9KeFIID7jbnO5oR86YnAYHjGNI3s2jIy8zNEcVL3hOX.87&gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=254&mapped=9KeFIID7jbnO5oR86YnAYHjGNI3s2jIy8zNEcVL3hOX.87&gdpr=0&gdpr_consent=&onp
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

33ms
32ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adlv.hit.gemius.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Feb 2023 18:22:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 84D7 284 B
536 B 8ms
8ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 1D4F 0
209 B 40ms
7ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
trc.audiencemanager.de/ad/ Frame A826 6 KB
3 KB 177ms
44ms Script
application/x-javascript 3.251.34.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.audiencemanager.de/ad/?pl=63c50f5f293004695e28b6fe&cb=798081562&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FehSuR-F6hD_RdHYyOEp-PwAAACCF69E_0XR2MjhKfj97FK5H4XqEP-VauMImMDIOl4TC6ZxtVhrlluJjAAAAAHc7agF_DgAAJw4AAAIAAABnzJcY6SwmAAAAAABVU0QARVVSAMoD-gBAWgAAAAABAQUCAAAAAKgAciRCigAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ZBSdsQjWkaMaEOeY38QBGOnZmAEgACgAMQAAAAAAABBAOglGUkExOjY1OTRAtTBJdxA7U-i87T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjY1OTQ%3D%2Fbn%3D99275%2Fclickenc%3D&liiftcamid=63c53984745a1feac2025ff2&liifttagid=23739255&liiftaucid=1022933008400276197
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.34.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-34-9.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash: 8ab652176b7cd1a202dde9cb549ef7dc0f4077493741e24ee88ed3a8085a778a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: gzip
server: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by: PHP/7.2.9
requestid: e33e2063e296e5ed5f49396608556291737444
vary: Accept-Encoding
content-type: application/x-javascript
status: 200 OK
hostname: 10-0-13-161
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
responsetime: 10
content-length: 2365

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame A826 80 KB
27 KB 41ms
6ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: Wed, 10 Jan 2024 21:27:38 GMT
Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 2408091
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27455
X-Served-By: cache-lga13620-LGA, cache-fra-eddf8230114-FRA
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
X-Timer: S1675794150.853337,VS0,VE0
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 52, 1602752

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame A826 0
936 B 160ms
111ms Image
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Flink1s.com%252F6EONEO5&e=wqT_3QLoFOhoCgAAAwDWAAUBCOWtip8GEOW14ZXshIyZDhgAKjYJehSuR-F6hD8R0XR2MjhKfj8ZAAAAIIXr0T8h0Q0SBCl7DSQQMQAAAEABLfB5MPf2qAs4_xxApxxIAlDnmN_EAVjp2ZgBYABowLRReMuHBoABAYoBA1VTRJIBA0VVUpgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA1Njc5NDQ2LCAwKTt1ZignaScsIDc5NDM2NTUVFCxnJywgMjAwOTU2MDUVFQBzARUcODE3ODQ4MzkVFjByJywgNDEyNjAxNDQ3BRbwvJICyQ4hUG5DT2t3aldrYU1hRU9lWTM4UUJHQUFnNmRtWUFUQUJPQUJBQUVpbkhGRDM5cWdMV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVFLb0FRS3dBUUM1QVlhajgxbERDSU1fd1FIVzJsem80WHFFUDhrQkFBQUFBQUFBOERfWkFYY1FPMVBvdk8wXzRBSG42LVFEOVFFQUFJQkFtQUlBb0FJQ3RRSUFBQUFBdlFJQQE78J93QUlCeUFJQjBBSUIyQUlCNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xxczV5Z1FCQmdCTFVNVGJEcWlBdzRJdDZTU0tCQUtHQUV0QUFDQVA2SUREZ2pCeUwwb0VBc1lBaTBBQUFBQXVnTUpSbEpCTVRvMk5UazA0QU8xTUlBRTU5MkdDb2dFenQ2R0NwQUVBSmdFQktvRXRRY0lfX19fJSgUX19fQVJEAQcNAQw4QkdQDQsBAQh3RWcBBxEBEEFTZ0lNNiAAADQRHAEBBEFVNkwAAFMyLAAERlEBJBEBCEFWahELFF9fXzhCWTYsAABvARYRAQRBWDZYABRlQUdBQWYRHiHwBEdJOhAAAFE6EAAAWToQAABnOhAAAG86EAAAdzoQAAA0NhAAAEg6gAAASDqAACBIUUFmZjJxQXY6eAAASDp4AABIOngAAEg6eAAgSDRBYm9HZ0FMAeYNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLh0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAAh3UVGhkwkBCE1rRQkJAQEYRFlCQUR4QgELDQFMaUFYQ001Z0ZoLVN1aGdHcEJYY1Gx_AhzUVUNJhRBQUFNRUYBBwkBCERKQhFjDFBBXzAuKAAETmsVKLg4RF9nQmVnSDhBWDF4TW9KLUFYVzB0b0NnZ1lEUlZWU2lBWUFrQVlCbUFZQW9RWQlbNEFBUVFLZ0dCTElHSkFrERQIQUFCHccEQmsZGABDHRhETGdHQ2cuLpoCmQEhWkJTZHNROk0HLE9uWm1BRWdBQ2dBTRHBiEJCQU9nbEdVa0V4T2pZMU9UUkF0VEJKZHhBN1UtaTg3VDlSGW4EQlodDABoHQwAcB0MAHgdDAw0QUlrNXDw3jhEOC7YApZE4ALv-S7qAhpodHRwczovL2xpbmsxcy5jb20vNkVPTkVPNYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA47dxQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTM0qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEAMgEANIEDjM2MjMjRlJBMTo2NTk02gQCCAHgBAHwBOeY38QBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAFDmjYBQHgBQHwBTb6BQQIABAAkAYAmAYAuAYAwQYFICwA8D_QBpgO2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHy4cG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=e4d783212579fe62b5fa9dccea0ecba8839aee7b

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:29 GMT
AN-X-Request-Uuid: ec620902-48c4-4b5c-8aba-c81454357262
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame B18C 0
208 B 8ms
8ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame B18C 0
208 B 8ms
8ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 IIQUniversalID.js Show response
ads.themoneytizer.com/ 51 KB
12 KB 17ms
16ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/IIQUniversalID.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7bb23de30daa7e81e2fafc5d2fbcada4b6fefc10c3251661952a341d6864aa8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-nzt: AcO1qhF8YJv/DLsAAA
pragma: public
date: Tue, 07 Feb 2023 18:22:29 GMT
x-77-pop: frankfurtDE
x-accel-expires: @1675832665
last-modified: Wed, 12 Oct 2022 18:48:43 GMT
server: CDN77-Turbo
content-encoding: gzip
x-77-nzt-ray: 4c1562246055e438e596e26340388f34
x-cache: HIT
content-type: application/javascript
x-77-cache: HIT
cache-control: max-age=86400, public, no-transform
x-age: 47884
expires: Wed, 08 Feb 2023 05:04:25 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 21ms
20ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-nzt: AcO1qhESqoP/DLsAAA
pragma: public
date: Tue, 07 Feb 2023 18:22:29 GMT
x-77-pop: frankfurtDE
x-accel-expires: @1675832665
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: CDN77-Turbo
content-encoding: gzip
x-77-nzt-ray: 4c1562246055e438e596e2637356a434
x-cache: HIT
content-type: application/javascript
x-77-cache: HIT
cache-control: max-age=86400, public, no-transform
x-age: 47884
expires: Wed, 08 Feb 2023 05:04:25 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 173ms
81ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=79438&f=5&fi=99
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Feb 2023 18:22:30 GMT
Server: nginx
X-IPLB-Request-ID: B2A2D186:837C_36264064:01BB_63E296E5_528A74D:2C9C3
X-IPLB-Instance: 20686
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 97 KB
33 KB 95ms
9ms Script
application/javascript 2.16.186.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-26.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 876626ded6c9d01e8764f738775f4c00a85312a5a63959ef7547cc6d1af5c506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 33218
Expires: Tue, 07 Feb 2023 20:22:29 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 18ms
17ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1546302
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 56ms
22ms Script
application/javascript 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cf-ray: 795e26bcfa2b3a6c-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 136ms
19ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:30 GMT
Last-Modified: Thu, 07 Oct 2021 11:26:48 GMT
Server: nginx/1.20.1
X-IPLB-Request-ID: B2A2D186:D25C_91EFC133:01BB_63E296E5_6DB2991A:10557
ETag: "615ed978-15ab"
X-IPLB-Instance: 29923
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame 4A81 0
0 14ms
13ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1675794149882

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 652ms
170ms Script
application/javascript 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2a15822e997e4b7b172e4b1e4c1366dd01f10ff936a8971ce15510f207b5d25c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:30 GMT
content-encoding: gzip
etag: "u+riIbpeWSVolXo4r+dT2g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 14 Feb 2023 18:22:30 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12762/ 2 KB
2 KB 188ms
33ms Script
application/javascript 52.18.129.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12762/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-129-185.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ee9923b738244929a3c2209848466bccd86eae3672fdef053a0272b60a9e0dfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:29 GMT
cache-control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1990
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 43ms
10ms Script
text/javascript 65.9.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-151.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 07:43:40 GMT
Via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Amz-Cf-Pop: FRA56-C1
Age: 38330
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: zF_bUxPaBgEudUMcJirO8TU69iJ35XiBxQL7SKLZftOvBnDvuZwEDA==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid7_35/build/dist/ 587 KB
185 KB 23ms
22ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9c9758144bcd45ed42a41b65ef12341715aaaeb03d994141718f1b6aef9dc8a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-nzt: AcO1qhFuab7/C7sAAA
pragma: public
date: Tue, 07 Feb 2023 18:22:29 GMT
x-77-pop: frankfurtDE
x-accel-expires: @1675832666
last-modified: Mon, 06 Feb 2023 22:21:08 GMT
server: CDN77-Turbo
content-encoding: gzip
x-77-nzt-ray: 4c1562246055e438e596e263b075dc34
x-cache: HIT
content-type: application/javascript
x-77-cache: HIT
cache-control: max-age=86400, public, no-transform
x-age: 47883
expires: Wed, 08 Feb 2023 05:04:26 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 528D 0
208 B 8ms
8ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:29 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK htlmx5cd89bk Show response
hal9000.redintelligence.net/zone/ Frame 3854 10 KB
3 KB 45ms
12ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/htlmx5cd89bk?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=2928848173421329631&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2928848173421329631%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 25ed7fb38a25100c42289b33ef84dd115e4266393c8d8d32c29d45208358e172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2802
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame 3854
Redirect Chain

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTVRRM01UYzFNRGN0TnpObVpTMHpPR0UxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5Mjg4NDgxNzM0MjEzMjk2MzEvNjYyMjQwNC80NTYyMzEyLzEzL2ZVc3...
https://tags.mathtag.com/ck-confirm?bid_id=2928848173421329631&node_id=3747&exch_id=13

49 B
330 B

31ms
26ms

Image
image/gif

185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=2928848173421329631&node_id=3747&exch_id=13
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.379.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:30 GMT
Server: MMBD/3.379.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x27, zrh-bidder-x133
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 07 Feb 2023 18:22:29 GMT

Redirect headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
x-mm-nodeid: 3747
x-mm-bid-request-time: 1675794149
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: keep-alive
Content-Length: 86
x-mm-handled-by-owner: true
Last-Modified: Tue, 07 Feb 2023 18:22:29 GMT
Server: MMBD/3.379.0
x-mm-latency: 11 (0)
Content-Type: text/html; charset=utf-8
Location: https://tags.mathtag.com/ck-confirm?bid_id=2928848173421329631&node_id=3747&exch_id=13
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x103, zrh-bidder-x133
Keep-Alive: timeout=360
x-mm-lag: 0
Expires: Tue, 07 Feb 2023 18:22:28 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 3854 43 B
550 B 291ms
41ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=2928848173421329631&v3=651871&v4=4562312&v5=6622404&mt_nsync=1&no_attr=1
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 441 9053ffc master cdg-pixel-x34 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:30 GMT
Server: MT3 441 9053ffc master cdg-pixel-x34 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 07 Feb 2023 18:22:29 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 3854 49 B
331 B 106ms
32ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=2928848173421329631&st=4562312&time=[IMP_ATTR.time]&nodeid=3747
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.379.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Server: MMBD/3.379.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x105, zrh-bidder-x133
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 07 Feb 2023 18:22:28 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame 3854 80 KB
27 KB 7ms
7ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: Wed, 10 Jan 2024 21:27:38 GMT
Date: Tue, 07 Feb 2023 18:22:29 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 2408091
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27455
X-Served-By: cache-lga13620-LGA, cache-fra-eddf8230114-FRA
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
X-Timer: S1675794150.932826,VS0,VE0
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 52, 1602753

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 3854 0
936 B 22ms
7ms Image
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Flink1s.com%252F6EONEO5&e=wqT_3QKWDPBMFgYAAAMA1gAFAQjlrYqfBhD_je3M7PXOsjIYl4mKzs6zm6saKjYJy7kUV5V9pz8RUwQ4vYv3oz8ZAAAAIIXr0T8hUwQ4vYv3oz8py7kJJPCqMQAAAEDheoQ_MPf2qAs4_xxAHUgIUPeNu7YBWOnZmAFgAGjAtFF4g8kEgAEBigEDVVNEkgEDRVVSmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYApZE4ALv-S7qAhpodHRwczovL2xpbmsxcy5jb20vNkVPTkVPNYADAIgDAZADAJgDF6ADAaoD1AYKiwZodHRwOi8vdGFncy5tYXRodGFnBTVUbm90aWZ5L2ltZz9leGNoPWFwbiZzXxUL8EZpZD01YVc5NXEyakx6SXpMeUF2VFZSUk0wMVVZekZOUkdOMFRucE9iVnBUTUhwUFIwVXhURlJCZDAxRVFYUk5SRUYzVFVSQgkQBGROARDwyUx6STVNamc0TkRneE56TTBNakV6TWprMk16RXZOall5TWpRd05DODBOVFl5TXpFeUx6RXpMMlpWYzNZek5scFlUV0pGU0VKNk1qVlFNR3hzWTJKdGVqbG1Oa1kyZWtSblRUVTFXbk01VEMxMloxVXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6STVPVGN3TVRRNU1UZ3ZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFUVhSTlJFRjNUVU13ZDAB5AhkTVYRIABFBRAF5ABUFfQMY3ZNQwl8CQhm_ACwZW5Kb0x6QXZOVEV6THpnd0x6azVPUzh6TWpJdk1UYzRMakUyTWk0eU1Ea3VNAVQ4akF3TUM4eE5qYzFOemswAczwcUx6RTJOelU0TURZM05Ea3ZNVE12TXpjeE1TOC9mUHJoT1kxcV9sdVBWZ2VSbmVNT29OX3JDTDgmbm9kZWlkPTM3NDcmZ3JvdXA9enJoJmF1Y3Rpb25pZD0yOTI4ODQ4MTczNDIxMzI5NjMxJnBic19hdW4iACRzaGFyZGtleT0yTj8A8IFyaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZWZpaWEmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS44MSZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjQwNCZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhMyOTI4ODQ4Ls8AqBoTMzYzMTM3NDI5NjQzNjkxODAxNSIJMzgyNjUwMTAzKgYxMDE5MzY6BzYJY_CQwAOsAsgDANgDjt3FAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzSoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBPeNu7YBiAUBmAUAoAXco7DTy9Ki42PABQDJBQAAAAAAAPA_0gUJCQAAAAUPcNgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGBSIwAPA_0Ab5qwHaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxyAeDyQTSBw0JETEBLwjaBwYBZ_DKGADgBwDqBwIIAPAHwvwDigivAQqqAQAAAYYtHW6IMmU7rsmbRv_r7w8jaHIiCLVygqv3N46gc5kTC-7qi1HJMcaBTivcZy9OzEbStGsfoH_NBQlkY_R2dr7cb_6QmM68KNJACMm34bNGKP1Qnw-gnZZVRB0o78KtSbMM2mEuUrvDzhQrQGtMakS1H1wX3SOAJs6Nq4rEMgV42Wg8lSImR5D637u_LiCMdh4lbh4Hq2zrYmNeuWR4IlErpyVxhxtXEAGVCAAAgD-YCAE.&s=8923c4de0821f12862ac377299527f8b7e26ddaa

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:29 GMT
AN-X-Request-Uuid: 7852a003-a179-48cd-bcea-b39001b2e4ba
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 406 KB
162 KB 107ms
30ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://link1s.com/
Origin: https://link1s.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 08:52:32 GMT

GET
H/1.1 200 9.gif
id5-sync.com/i/12/ 43 B
1 KB 14ms
14ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 07 Feb 2023 18:22:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 112ms
31ms Script
text/javascript 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 21:48:43 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 20ms
19ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&bundle=Q-fpBV8yVmVYZ0VkWURhenhCeCUyQkJ0dWtyNjM5bXpjRkdPWXBHbVZBenMlMkIyMVZyWW1NNVJCakIxWEFyZjlKWmtLelVkSWl3dyUyRnVEcGxoYVBTQ21DdDBIaGI2OTZ6WHNqZCUyRnczJTJCekkwSzlOa1NTZXQ5RkdNc3QySVVzQXhkaXV6MnRGUDg&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://link1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Feb 2023 18:22:29 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 675985
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&bundle=Q-fpBV8yVmVYZ0VkWURhenhCeCUyQkJ0dWtyNjM5bXpjRkdPWXBHbVZBenMlMkIyMVZyWW1NNVJCakIxWEFyZjlKWmt...
https://mug.criteo.com/sid?cpp=GwaJCnxvMHhMcGVvemFhaVRCUSswSUZidnpuQ2I2Z0pIZitBZmhNOGFTL1dYRFJGSVdDd0p3SEwzNUhkQjd4OGtwVnRnOGxBVmpvc1JocGp6WCsrWjMyZlVkcEFaOHczWWlvU0lxWFNMNlNGMXVqUFMwK3FwVU5vUFZDS2...

362 B
651 B

17ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GwaJCnxvMHhMcGVvemFhaVRCUSswSUZidnpuQ2I2Z0pIZitBZmhNOGFTL1dYRFJGSVdDd0p3SEwzNUhkQjd4OGtwVnRnOGxBVmpvc1JocGp6WCsrWjMyZlVkcEFaOHczWWlvU0lxWFNMNlNGMXVqUFMwK3FwVU5vUFZDS2ZMOU56WEJEb1pOMW12WE1qaExoUmxjZkcyK3hQb0oxaGR6d091a0poeC9pRzhiUWN6LzY5NTBycWF6S0lTWDdpWDFLN21zZGlUQ2JWMnFRRlZ1VTUxdWlaMWNpeG4xTkY1VkYyaTkzSFBGZFdEMVVLWWIyTHFJekdURTg1d21FWjJHME1jZ1NOfA&cppv=2

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32d82a0e3a4c3971ef25823c2a240204b5afc35e4156af7f6a842374a03147e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1970709
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=GwaJCnxvMHhMcGVvemFhaVRCUSswSUZidnpuQ2I2Z0pIZitBZmhNOGFTL1dYRFJGSVdDd0p3SEwzNUhkQjd4OGtwVnRnOGxBVmpvc1JocGp6WCsrWjMyZlVkcEFaOHczWWlvU0lxWFNMNlNGMXVqUFMwK3FwVU5vUFZDS2ZMOU56WEJEb1pOMW12WE1qaExoUmxjZkcyK3hQb0oxaGR6d091a0poeC9pRzhiUWN6LzY5NTBycWF6S0lTWDdpWDFLN21zZGlUQ2JWMnFRRlZ1VTUxdWlaMWNpeG4xTkY1VkYyaTkzSFBGZFdEMVVLWWIyTHFJekdURTg1d21FWjJHME1jZ1NOfA&cppv=2
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 743636
content-length: 0
expires: 0

POST
H2 204 auction Show response
intake.pbstck.com/v1/intake/ Frame 1D4F 0
33 B 53ms
42ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26bd9d783722-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 impression Show response
intake.pbstck.com/v1/intake/ Frame 1D4F 0
64 B 48ms
37ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/impression?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26bd9d793722-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

request.php Show response
hal900018.redintelligence.net/ Frame 3854
Redirect Chain

https://hal900018.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=75303ccbff&subid=&uid=3528c7ca6bf51396&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900018.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=75303ccbff&subid=&uid=3528c7ca6bf51396&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

96ms
69ms

Script
application/x-javascript

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=75303ccbff&subid=&uid=3528c7ca6bf51396&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2928848173421329631%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Flink1s.com%2F6EONEO5&ancestorOrigins=https%3A%2F%2Flink1s.com%2Chttps%3A%2F%2Flink1s.com&random=4234879754983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 030a17400c9d927c20f409c868c05e478af9d628c80dfc669cb2d7d348d1afa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 58086800162205400951435012228018
Connection: close
Content-Length: 1360
Expires: Tue, 07 Feb 2023 18:22:30 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=75303ccbff&subid=&uid=3528c7ca6bf51396&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2928848173421329631%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Flink1s.com%2F6EONEO5&ancestorOrigins=https%3A%2F%2Flink1s.com%2Chttps%3A%2F%2Flink1s.com&random=4234879754983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 07 Feb 2023 18:22:30 +0100

GET
H2 200 / Show response
spl.zeotap.com/ 429 B
625 B 28ms
28ms XHR
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f45d06676750c089e4b298edf0e41ce675b323a2ba98b755b03af33e5a0e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cf-ray: 795e26bd9b0e3a6c-FRA
access-control-allow-headers: *

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A826 28 KB
11 KB 110ms
30ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=63c50f5f293004695e28b6fe&cb=798081562&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FehSuR-F6hD_RdHYyOEp-PwAAACCF69E_0XR2MjhKfj97FK5H4XqEP-VauMImMDIOl4TC6ZxtVhrlluJjAAAAAHc7agF_DgAAJw4AAAIAAABnzJcY6SwmAAAAAABVU0QARVVSAMoD-gBAWgAAAAABAQUCAAAAAKgAciRCigAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ZBSdsQjWkaMaEOeY38QBGOnZmAEgACgAMQAAAAAAABBAOglGUkExOjY1OTRAtTBJdxA7U-i87T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjY1OTQ%3D%2Fbn%3D99275%2Fclickenc%3D&liiftcamid=63c53984745a1feac2025ff2&liifttagid=23739255&liiftaucid=1022933008400276197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

519d5bd967e0830146e37151a545865f3d8ce232d3586b5f65e7bed8baefb871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10632
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 13:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Feb 2023 19:14:02 GMT

GET
H/1.1 204
No Content /
c.cintnetworks.com/ Frame A826 0
257 B 159ms
18ms Image
text/plain 51.144.7.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/?a=7283&i=64&e=1&c=1&ip
Requested by: Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=63c50f5f293004695e28b6fe&cb=798081562&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FehSuR-F6hD_RdHYyOEp-PwAAACCF69E_0XR2MjhKfj97FK5H4XqEP-VauMImMDIOl4TC6ZxtVhrlluJjAAAAAHc7agF_DgAAJw4AAAIAAABnzJcY6SwmAAAAAABVU0QARVVSAMoD-gBAWgAAAAABAQUCAAAAAKgAciRCigAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ZBSdsQjWkaMaEOeY38QBGOnZmAEgACgAMQAAAAAAABBAOglGUkExOjY1OTRAtTBJdxA7U-i87T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjY1OTQ%3D%2Fbn%3D99275%2Fclickenc%3D&liiftcamid=63c53984745a1feac2025ff2&liifttagid=23739255&liiftaucid=1022933008400276197
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Arr-Disable-Session-Affinity: true
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H2 200 impression
anz.audiencemanager.de/log/ad/ Frame A826 43 B
295 B 73ms
40ms Image
image/gif 3.251.34.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anz.audiencemanager.de/log/ad/impression?id=63c50f5f293004695e28b70d&adId=e33e2063e296e5ed5f49396608556291737444&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&curl=aHR0cHM6Ly9saW5rMXMuY29tLw&ntuId=820c4f0716fb32e19e5010e56698d3228178a0976b0a6b7b98fc5f4f846bb522&cb=1675802074
Requested by: Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=63c50f5f293004695e28b6fe&cb=798081562&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FehSuR-F6hD_RdHYyOEp-PwAAACCF69E_0XR2MjhKfj97FK5H4XqEP-VauMImMDIOl4TC6ZxtVhrlluJjAAAAAHc7agF_DgAAJw4AAAIAAABnzJcY6SwmAAAAAABVU0QARVVSAMoD-gBAWgAAAAABAQUCAAAAAKgAciRCigAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ZBSdsQjWkaMaEOeY38QBGOnZmAEgACgAMQAAAAAAABBAOglGUkExOjY1OTRAtTBJdxA7U-i87T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjY1OTQ%3D%2Fbn%3D99275%2Fclickenc%3D&liiftcamid=63c53984745a1feac2025ff2&liifttagid=23739255&liiftaucid=1022933008400276197
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.34.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-34-9.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:30 GMT
server: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by: PHP/7.2.9
requestid: 24bb8363e296e6128328298593009812804863
content-type: image/gif
status: 200 OK
hostname: 10-0-13-90
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
responsetime: 11
content-length: 43

GET
H2 200 impression
liift-trc.audiencemanager.de/ Frame A826 43 B
179 B 175ms
32ms Image
image/gif 54.72.202.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liift-trc.audiencemanager.de/impression?dataRequestId=1022933008400276197&campaignId=63c53984745a1feac2025ff2&tagId=23739255&w=970&h=250&cb=1675802840
Requested by: Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=63c50f5f293004695e28b6fe&cb=798081562&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FehSuR-F6hD_RdHYyOEp-PwAAACCF69E_0XR2MjhKfj97FK5H4XqEP-VauMImMDIOl4TC6ZxtVhrlluJjAAAAAHc7agF_DgAAJw4AAAIAAABnzJcY6SwmAAAAAABVU0QARVVSAMoD-gBAWgAAAAABAQUCAAAAAKgAciRCigAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ZBSdsQjWkaMaEOeY38QBGOnZmAEgACgAMQAAAAAAABBAOglGUkExOjY1OTRAtTBJdxA7U-i87T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjY1OTQ%3D%2Fbn%3D99275%2Fclickenc%3D&liiftcamid=63c53984745a1feac2025ff2&liifttagid=23739255&liiftaucid=1022933008400276197
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.202.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-202-70.eu-west-1.compute.amazonaws.com
Software: swoole-http-server /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:30 GMT
cache-control: no-cache
content-encoding: gzip
server: swoole-http-server
content-length: 57
content-type: image/gif

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame FCE4 0
247 B 19ms
18ms Document
text/html 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flink1s.com%2F6EONEO5&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Feb 2023 18:22:30 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked
X-IPLB-Instance: 29923
X-IPLB-Request-ID: B2A2D186:D25C_91EFC133:01BB_63E296E6_6DB29921:10557

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 15ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Feb 2023 18:22:29 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 425857
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=872cbdf4-c1b4-4648-46e5-fab299c994cc&reqId=1c3d0a43-2933-4d6f-52f2-52026d41e8a8&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=872cbdf4-c1b4-4648-46e5-fab299c994cc&reqId=1c3d0a43-2933-4d6f-52f2-52026d41e8a8...
https://mwzeom.zeotap.com/mw?google_gid=CAESELvT4iAsmT0icx9X8g14PFI&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=872cbdf4-c1b4-4648-46e5-fab299c994cc&reqId=1c3d0a43-2933-4d6f-52f...

95 B
163 B

52ms
20ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESELvT4iAsmT0icx9X8g14PFI&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=872cbdf4-c1b4-4648-46e5-fab299c994cc&reqId=1c3d0a43-2933-4d6f-52f2-52026d41e8a8&zdid=1258
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cf-ray: 795e26bebca03a6c-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESELvT4iAsmT0icx9X8g14PFI&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=872cbdf4-c1b4-4648-46e5-fab299c994cc&reqId=1c3d0a43-2933-4d6f-52f2-52026d41e8a8&zdid=1258
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 auction Show response
intake.pbstck.com/v1/intake/ Frame 528D 0
33 B 40ms
39ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26bdcdd13722-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 impression Show response
intake.pbstck.com/v1/intake/ Frame 528D 0
121 B 39ms
39ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/impression?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26bdcc5337fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 721 B
1 KB 125ms
31ms Script
application/javascript 52.30.21.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F6EONEO5&hn_ver=40&fid=56b511f6-7ef9-47f3-9166-3d4be327e896&dsp=pub_common&dsp_uid=34c6ef94-ebea-4806-af04-feda1a0b66a5

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12762/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.21.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-21-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f237b730c5ab1623732efa457c7ee9dcf791150c2e97af5b1b374d823e20efda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
x-frame-options: sameorigin
Content-Type: application/javascript; charset=UTF-8
p3p: CP="NOI DEV ADM"
cache-control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 721
expires: Mon, 30 Jan 2023 15:30:08 UTC

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
521 B 208ms
33ms XHR
application/x-javascript 108.128.16.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.16.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-16-246.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 18:22:30 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 impl_v94.js Show response
www.googletagservices.com/dcm/ Frame A826 60 KB
23 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v94.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0313c42048efbbd0b5ea187ac6bb5f9f6fb8a99776b3cb981c346243b8e0e978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 07:44:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23493
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 19:50:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 07:44:52 GMT

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 1D6D 43 KB
23 KB 49ms
48ms Document
text/html 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7&co=aHR0cHM6Ly9saW5rMXMuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=gxl0b2vvr4d8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

780c394c2a2511f243d7147563c59fbd2e6a08a00ba3fca56759f7ab16a4e1fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-APhOtId9AZ6SD_VFaI8DAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23460
content-security-policy: script-src 'report-sample' 'nonce-APhOtId9AZ6SD_VFaI8DAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 18:22:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
adv.office-partner.de/ Frame BFF8 930 B
931 B 131ms
17ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=75303ccbff&subid=&uid=3528c7ca6bf51396&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2928848173421329631%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Flink1s.com%2F6EONEO5&ancestorOrigins=https%3A%2F%2Flink1s.com%2Chttps%3A%2F%2Flink1s.com&random=4234879754983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 07 Feb 2023 18:22:30 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 14 Feb 2023 18:22:30 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 2E04
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=58086800162205400951435012228018&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=58086800162205400951435012228018&actionid=981741&produktid=&dt_url=

0
607 B

85ms
29ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=58086800162205400951435012228018&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=75303ccbff&subid=&uid=3528c7ca6bf51396&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2928848173421329631%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Flink1s.com%2F6EONEO5&ancestorOrigins=https%3A%2F%2Flink1s.com%2Chttps%3A%2F%2Flink1s.com&random=4234879754983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 18:22:30 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 07 Feb 2023 07:22:30 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Tue, 07 Feb 2023 18:22:30 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=58086800162205400951435012228018&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B2A2D186:B2E0_91EFC182:01BB_63E296E6_1895E883:2BFA

GET
H2

200

htlp Show response
futalis.de/ Frame 557C
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=58086800162205400951435012228018&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2219836856

350 B
401 B

84ms
18ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2219836856
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=75303ccbff&subid=&uid=3528c7ca6bf51396&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2928848173421329631%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Flink1s.com%2F6EONEO5&ancestorOrigins=https%3A%2F%2Flink1s.com%2Chttps%3A%2F%2Flink1s.com&random=4234879754983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:22:30 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2219836856
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 3854 2 KB
2 KB 134ms
58ms Script
text/html 18.130.177.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=58086800162205400951435012228018&nw=1
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.177.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-177-194.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 720091510f2ad0e118fee5fde8e01bb538c7f8c0f681d43d3ec9eb72dbf53ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:30 GMT
last-modified: Tue, 07 Feb 2023 18:22:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 07 Feb 2023 18:23:30 GMT

GET
H2

200

activityi;dc_pre=CNPWrtiDhP0CFZqdmgod_mIKPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465 Show response
5994599.fls.doubleclick.net/ Frame FE22
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNPWrtiDhP0CFZqdmgod_mIKPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465?

391 B
324 B

158ms
155ms

Document
text/html

142.251.39.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNPWrtiDhP0CFZqdmgod_mIKPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465?

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f6.1e100.net

Software

cafe /

Resource Hash

8256ebf4050f9291afd493a6dddac393220bd423c900ab33ef170842c4c0371c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 18:22:30 GMT
expires: Tue, 07 Feb 2023 18:22:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 18:22:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNPWrtiDhP0CFZqdmgod_mIKPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900018.redintelligence.net/ Frame 949B 7 KB
3 KB 36ms
11ms Document
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=htlmx5cd89bk&nw=20&renderingType=javascript&namespace=75303ccbff&subid=&uid=3528c7ca6bf51396&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2928848173421329631%26mt_id%3D6622404%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Flink1s.com%2F6EONEO5&ancestorOrigins=https%3A%2F%2Flink1s.com%2Chttps%3A%2F%2Flink1s.com&random=4234879754983&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 1558cb5226371cc0f5aeeccf65f4e3d833c5f2a61731b1d0e3b38afdabdc05ae

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2246
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Feb 2023 18:22:30 GMT
Expires: Tue, 07 Feb 2023 18:22:30 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 3854
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=58086800162205400951435012228018
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=58086800162205400951435012228018
https://ad-server.eu/wm/pb/native.png

68 B
312 B

195ms
31ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:25:21 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Tue, 07 Feb 2023 18:22:30 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B2A2D186:B2EE_91EFC182:01BB_63E296E6_189B908A:11272
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 3854 60 B
60 B 163ms
22ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?tc=ce02f64282534558b88ece024409f414

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 07 Feb 2023 06:22:30 GMT
X-ET-Code: 11
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1199
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2E8B 52 KB
17 KB 33ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3711&pub_id=2046825
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 52790
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 07 Feb 2023 18:22:30 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 22, 219434
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230045-FRA
X-Timer: S1675794150.208508,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 3854 0
936 B 11ms
11ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Flink1s.com%2F6EONEO5&e=wqT_3QLEE_BMxAkAAAMA1gAFAQjlrYqfBhD_je3M7PXOsjIYl4mKzs6zm6saKjYJy7kUV5V9pz8RUwQ4vYv3oz8ZAAAAIIXr0T8hUwQ4vYv3oz8py7kJJPQOATEAAABA4XqEPzD39qgLOP8cQB1ICFD3jbu2AVjp2ZgBYABowLRReIPJBIABAYoBA1VTRJIBA0VVUpgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AKWROAC7_ku6gIaaHR0cHM6Ly9saW5rMXMuY29tLzZFT05FTzXyAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhMyOTI4ODQ4MTczNDIxMzI5NjMx8gLNAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SrgFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz8BfmhfYWlkPTcxODk1ODYyMjY1MzEwMTMwODQmbXQFGwQyOUJ-AAEbIGlkPTY2MjI0MAkpJGRpZD0yMTY1MzYBHShzaWQ9NDU2MjMxMgEPGGV4aWQ9MTMBCxhpbmFwcD0wAQtEb3M9JnJlZGlyZWN0PfICFwoTORc8Z2Rwcl9zdHJdEgDyAhkKFDoaAEBmbGFnXRIBMPICHgoUW0FEXyVMMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITSvUAmPICxgoKEltOT1RJRklDQVRJT05fVVJJXRKvCjxpbWcgc3JjPWh0dCV0JHRhZ3MubWF0aHQtcyhub3RpZnkvaW1nPyF0GD1hcG4mc18VC_BGaWQ9NWFXOTVxMmpMekl6THlBdlRWUlJNMDFVWXpGTlJHTjBUbnBPYlZwVE1IcFBSMFV4VEZSQmQwMUVRWFJOUkVGM1RVUkIJEARkTgEQ8MlMekk1TWpnNE5EZ3hOek0wTWpFek1qazJNekV2TmpZeU1qUXdOQzgwTlRZeU16RXlMekV6TDJaVmMzWXpObHBZVFdKRlNFSjZNalZRTUd4c1kyRlRTSEoxVDFKNlREYzROMlJFVldSQ05qaFVNVzh2TVM4eE15OHdMekF2T1RVMk9EQXpMekk1T1Rjd01UUTVNVGd2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwAeQIZE1WESAARQUQBeQAVBX0DGN2TUMJfAkIZvwAsGVuSm9MekF2TlRFekx6Z3dMems1T1M4ek1qSXZNVGM0TGpFMk1pNHlNRGt1TQFUOGpBd01DOHhOamMxTnprMAHM8FhMekUyTnpVNE1EWTNORGt2TVRNdk16Y3hNUzgvRjBGSUt0Q0xUak1HeWVJSkdRNnNHMjhVdTlBJm5vZGVpZD0zNzQ3Jmdyb3VwPXpyaCZhdWN0aW9uaWQ9MkprAxRwYnNfYXVuIgAgc2hhcmRrZXk9SrUCACYuigMAY320PGJwPWFfYWVmaWlhJm1pbl9B-iB3aW49JHtBVUNF3PCVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjgxJnR5cGU9aW1wJmNsaWVudD1jMnMgd2lkdGg9MSBoZWlnaHQ9MT5ceDNDZGl2IHdpZHRoPScxJyBoZWlnaHQ9JzEnIHN0eWxlPSdkaXNwbGF5Om5vbmU7IG92ZXJmbG93OmhpZGRlbic-AUNlbgB0BS40bGVmdDotMTBweDt0b3ANCkwgcG9zaXRpb246YWJzb2x1dGUnIGGeBCdobZ8IcGl4OhMFEGV2ZW50ZZ8EbXSB2xgxMzY4ODc1gaeR2xQ3NjQmdjGBxwR2MlJrASx2Mz02NTE4NzEmdjSV_gR2NS4nBURuc3luYz0xJm5vX2F0dHI9MSctJQAnNgwBBC8-UugAADkR5wEJguYAAHQ-hQQZ5QB0Ia40bW1JbXBUcmFjayZleGOJlABiocdKhgIEc3QV0iR0aW1lPVtJTVBfpXUBDwBdLtoCctMA8E8vZGl2PoADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA47dxQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMEGAqDSoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBPfh6FiIBQGYBQCgBdyjsNPL0qLjY8AFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBkklHMgHg8kE0gcNFW4BLwjaBwYBZ_DKGADgBwDqBwIIAPAHwvwDigivAQqqAQAAAYYtHW6IMmU7rsmbRv_r7w8jaHIiCLVygqv3N46gc5kTC-7qi1HJMcaBTivcZy9OzEbStGsfoH_NBQlkY_R2dr7cb_6QmM68KNJACMm34bNGKP1Qnw-gnZZVRB0o78KtSbMM2mEuUrvDzhQrQGtMakS1H1wX3SOAJs6Nq4rEMgV42Wg8lSImR5D637u_LiCMdh4lbh4Hq2zrYmNeuWR4IlErpyVxhxtXEAGVCAAAgD-YCAE.&s=0f5767fecb116f628b61133cc23fcf27035ab588&bdref=https%3A%2F%2Flink1s.com%2F6EONEO5&bdtop=true&bdifs=2&bstk=https%3A%2F%2Flink1s.com%2F6EONEO5,https%3A%2F%2Flink1s.com%2F6EONEO5,https%3A%2F%2Flink1s.com%2F6EONEO5&

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
AN-X-Request-Uuid: 26a140e6-99a4-4a50-89b0-d692e708db26
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 B29212650.356875625;dc_ver=94.277;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=1922333274;ord=j8io7d;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FehSuR-F6hD_RdHYyOEp-PwAAACCF69E_0XR2MjhKfj97FK5H4Xq... Show response
ad.doubleclick.net/ddm/adj/N9166.3224688MSTUDIOGMBH/ Frame A826 11 B
454 B 83ms
33ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N9166.3224688MSTUDIOGMBH/B29212650.356875625;dc_ver=94.277;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=1922333274;ord=j8io7d;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FehSuR-F6hD_RdHYyOEp-PwAAACCF69E_0XR2MjhKfj97FK5H4XqEP-VauMImMDIOl4TC6ZxtVhrlluJjAAAAAHc7agF_DgAAJw4AAAIAAABnzJcY6SwmAAAAAABVU0QARVVSAMoD-gBAWgAAAAABAQUCAAAAAKgAciRCigAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ZBSdsQjWkaMaEOeY38QBGOnZmAEgACgAMQAAAAAAABBAOglGUkExOjY1OTRAtTBJdxA7U-i87T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjY1OTQ%3D%2Fbn%3D99275%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D1022933008400276197%2526campaignId%253D63c53984745a1feac2025ff2%2526tagId%253D23739255%2526w%253D970%2526h%253D250%2526cb%253D1675802840%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D63c50f5f293004695e28b70d%252526adId%25253De33e2063e296e5ed5f49396608556291737444%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253De33e2063e296e5ed5f49396608556291737444%252526curl%25253DaHR0cHM6Ly9saW5rMXMuY29tLw%252526ntuId%25253D820c4f0716fb32e19e5010e56698d3228178a0976b0a6b7b98fc5f4f846bb522%252526cb%25253D1675801156%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Flink1s.com%2F6EONEO5$0;xdt=0;crlt=BxzOizFd4g;stc=1;chaa=1;sttr=67;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v94.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 3854 0
953 B 19ms
18ms Ping
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Flink1s.com%2F6EONEO5&e=wqT_3QKWDPBMFgYAAAMA1gAFAQjlrYqfBhD_je3M7PXOsjIYl4mKzs6zm6saKjYJy7kUV5V9pz8RUwQ4vYv3oz8ZAAAAIIXr0T8hUwQ4vYv3oz8py7kJJPCqMQAAAEDheoQ_MPf2qAs4_xxAHUgIUPeNu7YBWOnZmAFgAGjAtFF4g8kEgAEBigEDVVNEkgEDRVVSmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYApZE4ALv-S7qAhpodHRwczovL2xpbmsxcy5jb20vNkVPTkVPNYADAIgDAZADAJgDF6ADAaoD1AYKiwZodHRwOi8vdGFncy5tYXRodGFnBTVUbm90aWZ5L2ltZz9leGNoPWFwbiZzXxUL8EZpZD01YVc5NXEyakx6SXpMeUF2VFZSUk0wMVVZekZOUkdOMFRucE9iVnBUTUhwUFIwVXhURlJCZDAxRVFYUk5SRUYzVFVSQgkQBGROARDwyUx6STVNamc0TkRneE56TTBNakV6TWprMk16RXZOall5TWpRd05DODBOVFl5TXpFeUx6RXpMMlpWYzNZek5scFlUV0pGU0VKNk1qVlFNR3hzWTJKdGVqbG1Oa1kyZWtSblRUVTFXbk01VEMxMloxVXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6STVPVGN3TVRRNU1UZ3ZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFUVhSTlJFRjNUVU13ZDAB5AhkTVYRIABFBRAF5ABUFfQMY3ZNQwl8CQhm_ACwZW5Kb0x6QXZOVEV6THpnd0x6azVPUzh6TWpJdk1UYzRMakUyTWk0eU1Ea3VNAVQ4akF3TUM4eE5qYzFOemswAczwcUx6RTJOelU0TURZM05Ea3ZNVE12TXpjeE1TOC9mUHJoT1kxcV9sdVBWZ2VSbmVNT29OX3JDTDgmbm9kZWlkPTM3NDcmZ3JvdXA9enJoJmF1Y3Rpb25pZD0yOTI4ODQ4MTczNDIxMzI5NjMxJnBic19hdW4iACRzaGFyZGtleT0yTj8A8IFyaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZWZpaWEmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS44MSZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjQwNCZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhMyOTI4ODQ4Ls8AqBoTMzYzMTM3NDI5NjQzNjkxODAxNSIJMzgyNjUwMTAzKgYxMDE5MzY6BzYJY_CQwAOsAsgDANgDjt3FAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzSoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBPeNu7YBiAUBmAUAoAXco7DTy9Ki42PABQDJBQAAAAAAAPA_0gUJCQAAAAUPcNgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGBSIwAPA_0Ab5qwHaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxyAeDyQTSBw0JETEBLwjaBwYBZ_DKGADgBwDqBwIIAPAHwvwDigivAQqqAQAAAYYtHW6IMmU7rsmbRv_r7w8jaHIiCLVygqv3N46gc5kTC-7qi1HJMcaBTivcZy9OzEbStGsfoH_NBQlkY_R2dr7cb_6QmM68KNJACMm34bNGKP1Qnw-gnZZVRB0o78KtSbMM2mEuUrvDzhQrQGtMakS1H1wX3SOAJs6Nq4rEMgV42Wg8lSImR5D637u_LiCMdh4lbh4Hq2zrYmNeuWR4IlErpyVxhxtXEAGVCAAAgD-YCAE.&s=8923c4de0821f12862ac377299527f8b7e26ddaa&type=nv&nvt=5&jm=1003&px=328&py=856&bw=970&bh=250&sid=3299046171303151008&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23739255&sw=1600&sh=1200&pw=1600&ph=1262&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
AN-X-Request-Uuid: 8b85102f-ba91-46b2-ae0d-cd831df9d81f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 1D6D 55 KB
24 KB 90ms
32ms Stylesheet
text/css 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7&co=aHR0cHM6Ly9saW5rMXMuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=gxl0b2vvr4d8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 18:01:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 1D6D 406 KB
162 KB 102ms
44ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 08:52:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 949B 4 KB
747 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 18:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 16:54:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 18:22:30 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 949B 56 KB
56 KB 36ms
13ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: b87e7525251fdec2074203e68604f561212ee675bcee8b3276b899bc869fe9b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 57512
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 949B 66 KB
66 KB 36ms
13ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: a23e6a52ffb757add1b2f9ca5c5e02adc7d6fd3618901166882f7536307459e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 949B 46 KB
46 KB 35ms
12ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: cd86a55a55b936889062659e5ef4bcd3f0144df05c8e3cceee41bb48eebdcc9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 47195
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 949B 44 KB
44 KB 155ms
132ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/43862/creativesup/DE-Karneval-TakkoFashion-NativeAd-1200x627-KW02.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 715f04a5234cb9ce8b69cc202ce11567d100f7c962280dcebfc9aebc3ed78b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 45294
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=56b511f6-7ef9-47f3-9166-3d4be327e896
https://s.cpx.to/ca.png?dsp=dbm&fid=56b511f6-7ef9-47f3-9166-3d4be327e896&google_gid=CAESENQfgxqDAmai4GvclcYrSfg&google_cver=1

95 B
803 B

73ms
39ms

Image
image/png

52.30.21.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=56b511f6-7ef9-47f3-9166-3d4be327e896&google_gid=CAESENQfgxqDAmai4GvclcYrSfg&google_cver=1

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

HTTP/1.1

Server

52.30.21.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-21-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
x-frame-options: sameorigin
Content-Type: image/png
cache-control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/ca.png?dsp=dbm&fid=56b511f6-7ef9-47f3-9166-3d4be327e896&google_gid=CAESENQfgxqDAmai4GvclcYrSfg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D56b511f6-7ef9-47f3-9166-3d4be327e896
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D56b511f6-7ef9-47f3-9166-3d4be327e896
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&fid=56b511f6-7ef9-47f3-9166-3d4be327e896

95 B
880 B

31ms
31ms

Image
image/png

52.30.21.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&fid=56b511f6-7ef9-47f3-9166-3d4be327e896

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

HTTP/1.1

Server

52.30.21.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-21-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
x-frame-options: sameorigin
Content-Type: image/png
p3p: CP="NOI DEV ADM"
cache-control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95
expires: Tue, 07 Feb 2023 18:22:30 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&fid=56b511f6-7ef9-47f3-9166-3d4be327e896
date: Tue, 07 Feb 2023 18:22:29 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 34ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Feb 2023 18:22:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252F6EONEO5%26hn_ver%3D40%26fid%3D56b511f6-7e...
https://s.cpx.to/an_fire?app_nexus_uid=1897824813687407767&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F6EONEO5&hn_ver=40&fid=56b511f6-7ef9-47f3-9166-3d4be327e896&dsp=pub_common&dsp_uid=34c6ef94-e...

95 B
864 B

35ms
34ms

Image
image/png

52.30.21.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=1897824813687407767&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F6EONEO5&hn_ver=40&fid=56b511f6-7ef9-47f3-9166-3d4be327e896&dsp=pub_common&dsp_uid=34c6ef94-ebea-4806-af04-feda1a0b66a5

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

HTTP/1.1

Server

52.30.21.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-21-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
x-frame-options: sameorigin
Content-Type: image/png
p3p: CP="NOI DEV ADM"
cache-control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95
expires: Tue, 07 Feb 2023 18:22:30 UTC

Redirect headers

Date: Tue, 07 Feb 2023 18:22:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7984d5c9-1e3d-4384-b2f6-677ca670e53b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.cpx.to/an_fire?app_nexus_uid=1897824813687407767&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F6EONEO5&hn_ver=40&fid=56b511f6-7ef9-47f3-9166-3d4be327e896&dsp=pub_common&dsp_uid=34c6ef94-ebea-4806-af04-feda1a0b66a5
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2E8B 0
863 B 21ms
21ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3711&pub_id=2046825&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3711&pub_id=2046825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
AN-X-Request-Uuid: 6c927e63-694b-4586-b344-519c59299e4e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900018.redintelligence.net/ Frame 949B 0
150 B 36ms
13ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/viewability?s=58086800162205400951435012228018&a=d43cdb68&vb=m
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:30 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 949B 13 KB
13 KB 30ms
29ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900018.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 04:33:15 GMT
x-content-type-options: nosniff
age: 136155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 04:33:15 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 949B 13 KB
13 KB 32ms
31ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900018.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:02:13 GMT
x-content-type-options: nosniff
age: 66017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 00:02:13 GMT

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame A826 0
936 B 8ms
8ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Flink1s.com%2F6EONEO5&e=wqT_3QL_Fuh_CwAAAwDWAAUBCOWtip8GEOW14ZXshIyZDhgAKjYJehSuR-F6hD8R0XR2MjhKfj8ZAAAAIIXr0T8h0Q0SBCl7DSQQMQAAAEABLfB5MPf2qAs4_xxApxxIAlDnmN_EAVjp2ZgBYABowLRReMuHBoABAYoBA1VTRJIBA0VVUpgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA1Njc5NDQ2LCAwKTt1ZignaScsIDc5NDM2NTUVFCxnJywgMjAwOTU2MDUVFQBzARUcODE3ODQ4MzkVFjByJywgNDEyNjAxNDQ3BRbwvJICyQ4hUG5DT2t3aldrYU1hRU9lWTM4UUJHQUFnNmRtWUFUQUJPQUJBQUVpbkhGRDM5cWdMV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVFLb0FRS3dBUUM1QVlhajgxbERDSU1fd1FIVzJsem80WHFFUDhrQkFBQUFBQUFBOERfWkFYY1FPMVBvdk8wXzRBSG42LVFEOVFFQUFJQkFtQUlBb0FJQ3RRSUFBQUFBdlFJQQE78J93QUlCeUFJQjBBSUIyQUlCNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xxczV5Z1FCQmdCTFVNVGJEcWlBdzRJdDZTU0tCQUtHQUV0QUFDQVA2SUREZ2pCeUwwb0VBc1lBaTBBQUFBQXVnTUpSbEpCTVRvMk5UazA0QU8xTUlBRTU5MkdDb2dFenQ2R0NwQUVBSmdFQktvRXRRY0lfX19fJSgUX19fQVJEAQcNAQw4QkdQDQsBAQh3RWcBBxEBEEFTZ0lNNiAAADQRHAEBBEFVNkwAAFMyLAAERlEBJBEBCEFWahELFF9fXzhCWTYsAABvARYRAQRBWDZYABRlQUdBQWYRHiHwBEdJOhAAAFE6EAAAWToQAABnOhAAAG86EAAAdzoQAAA0NhAAAEg6gAAASDqAACBIUUFmZjJxQXY6eAAASDp4AABIOngAAEg6eAAgSDRBYm9HZ0FMAeYNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLh0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAAh3UVGhkwkBCE1rRQkJAQEYRFlCQUR4QgELDQFMaUFYQ001Z0ZoLVN1aGdHcEJYY1Gx_AhzUVUNJhRBQUFNRUYBBwkBCERKQhFjDFBBXzAuKAAETmsVKLg4RF9nQmVnSDhBWDF4TW9KLUFYVzB0b0NnZ1lEUlZWU2lBWUFrQVlCbUFZQW9RWQlbNEFBUVFLZ0dCTElHSkFrERQIQUFCHccEQmsZGABDHRhETGdHQ2cuLpoCmQEhWkJTZHNROk0HLE9uWm1BRWdBQ2dBTRHBiEJCQU9nbEdVa0V4T2pZMU9UUkF0VEJKZHhBN1UtaTg3VDlSGW4EQlodDABoHQwAcB0MAHgdDAw0QUlrNXDYOEQ4LtgClkTgAu_5LuoCGmh0dHBzOi8vbGluazFzLmNvbS82RU9ORU818gIRCgZBRFZfSUQSBxp-CDDyAhIKBkNQR19JRBIIHmoIARUIBUNQARQACSJpCBDyAg0KCAE-GEZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4UEAoFSU9fAYkcNzk0MzY1NfIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fDtgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDjt3FAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzSoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA0gQOMzYyMyNGUkExOjY1OTTaBAIIAeAEAfAE55jfxAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AU2-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBpgO2gYWChAAAAAAAAAAABEIcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHy4cG0gcNFWIBJgzaBwYIBQlo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=f2ff17412351b05e79d8459f44db356c4c9e4f4a&bdref=https%3A%2F%2Flink1s.com%2F6EONEO5&bdtop=true&bdifs=2&bstk=https%3A%2F%2Flink1s.com%2F6EONEO5,https%3A%2F%2Flink1s.com%2F6EONEO5,https%3A%2F%2Flink1s.com%2F6EONEO5&

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
AN-X-Request-Uuid: 4542279b-fd7c-4f46-b75b-b3cc243feaba
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame A826 0
953 B 9ms
9ms Ping
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Flink1s.com%2F6EONEO5&e=wqT_3QLoFOhoCgAAAwDWAAUBCOWtip8GEOW14ZXshIyZDhgAKjYJehSuR-F6hD8R0XR2MjhKfj8ZAAAAIIXr0T8h0Q0SBCl7DSQQMQAAAEABLfB5MPf2qAs4_xxApxxIAlDnmN_EAVjp2ZgBYABowLRReMuHBoABAYoBA1VTRJIBA0VVUpgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA1Njc5NDQ2LCAwKTt1ZignaScsIDc5NDM2NTUVFCxnJywgMjAwOTU2MDUVFQBzARUcODE3ODQ4MzkVFjByJywgNDEyNjAxNDQ3BRbwvJICyQ4hUG5DT2t3aldrYU1hRU9lWTM4UUJHQUFnNmRtWUFUQUJPQUJBQUVpbkhGRDM5cWdMV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVFLb0FRS3dBUUM1QVlhajgxbERDSU1fd1FIVzJsem80WHFFUDhrQkFBQUFBQUFBOERfWkFYY1FPMVBvdk8wXzRBSG42LVFEOVFFQUFJQkFtQUlBb0FJQ3RRSUFBQUFBdlFJQQE78J93QUlCeUFJQjBBSUIyQUlCNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xxczV5Z1FCQmdCTFVNVGJEcWlBdzRJdDZTU0tCQUtHQUV0QUFDQVA2SUREZ2pCeUwwb0VBc1lBaTBBQUFBQXVnTUpSbEpCTVRvMk5UazA0QU8xTUlBRTU5MkdDb2dFenQ2R0NwQUVBSmdFQktvRXRRY0lfX19fJSgUX19fQVJEAQcNAQw4QkdQDQsBAQh3RWcBBxEBEEFTZ0lNNiAAADQRHAEBBEFVNkwAAFMyLAAERlEBJBEBCEFWahELFF9fXzhCWTYsAABvARYRAQRBWDZYABRlQUdBQWYRHiHwBEdJOhAAAFE6EAAAWToQAABnOhAAAG86EAAAdzoQAAA0NhAAAEg6gAAASDqAACBIUUFmZjJxQXY6eAAASDp4AABIOngAAEg6eAAgSDRBYm9HZ0FMAeYNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLh0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAAh3UVGhkwkBCE1rRQkJAQEYRFlCQUR4QgELDQFMaUFYQ001Z0ZoLVN1aGdHcEJYY1Gx_AhzUVUNJhRBQUFNRUYBBwkBCERKQhFjDFBBXzAuKAAETmsVKLg4RF9nQmVnSDhBWDF4TW9KLUFYVzB0b0NnZ1lEUlZWU2lBWUFrQVlCbUFZQW9RWQlbNEFBUVFLZ0dCTElHSkFrERQIQUFCHccEQmsZGABDHRhETGdHQ2cuLpoCmQEhWkJTZHNROk0HLE9uWm1BRWdBQ2dBTRHBiEJCQU9nbEdVa0V4T2pZMU9UUkF0VEJKZHhBN1UtaTg3VDlSGW4EQlodDABoHQwAcB0MAHgdDAw0QUlrNXDw3jhEOC7YApZE4ALv-S7qAhpodHRwczovL2xpbmsxcy5jb20vNkVPTkVPNYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA47dxQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTM0qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEAMgEANIEDjM2MjMjRlJBMTo2NTk02gQCCAHgBAHwBOeY38QBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAFDmjYBQHgBQHwBTb6BQQIABAAkAYAmAYAuAYAwQYFICwA8D_QBpgO2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHy4cG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=e4d783212579fe62b5fa9dccea0ecba8839aee7b&type=nv&nvt=5&jm=1003&px=328&py=415&bw=970&bh=250&sid=3299046171303151008&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23739255&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=1262&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:30 GMT
AN-X-Request-Uuid: 9db1d761-b979-49ba-af0a-079d60922fd9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 557C 5 KB
5 KB 11ms
11ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2219836856
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:30 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame BFF8 103 KB
40 KB 53ms
52ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83beb2bdff4436f039c100616058f2129e8b8abd5347447b575856c638807e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40688
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 18:22:30 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3854 85 KB
31 KB 90ms
8ms Script
application/javascript 65.9.66.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=58086800162205400951435012228018&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 09:30:06 GMT
content-encoding: gzip
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 31944
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: LJH9WJSnRe8146hCIvzPLnccSHe17mmAfU2IJ2DiPDekb1b5hIRZWg==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 3854 3 KB
3 KB 78ms
19ms Image
image/png 18.66.15.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1675794450&Signature=KWPcMqrTzLjph~JocVYQMi2~Zvz30AMdHqyK3Zi9OF4UpVQHYdXuftKzP6-455ll27vdvbYe2n9E5GDxPNJAwpMbpRYzwWi9IHGOEiliUdm2FnNUfDHeTeOZFw2JD7tp36DJvpWk34glC08fKU5VZGkILlBMY8esavES1Dby9LSaj1eGtefTeBoidCQ2L3fE~uQhi-gQYNONPMXaB5boxbg9JQkahQInSuCC35FXiPczNipfvUUkEx~cOg8mFDqiCBeAJ-7Hr4gn7mpnyQpsd64IzvqURtYhLbyGhyvH~7lK07oYbpy4yqzZpf~ytJgE3lTmFUwjD8IVaMy7~Q501Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-16.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 07 Feb 2023 07:20:49 GMT
via: 1.1 8fc54d3acff9539327f4d7a6bf40a31e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 39717
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: dGVCTg--V88D5CcNX26I1heVE12EvNlpRd3a9h_YXFpALIb64cN9Qg==

POST
H3 204 auction Show response
intake.pbstck.com/v1/intake/ Frame 1D4F 0
121 B 44ms
44ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26bfc88737fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 impression Show response
intake.pbstck.com/v1/intake/ Frame 1D4F 0
121 B 42ms
42ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/impression?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26bfc88837fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 1D6D 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1D6D 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1D6D 2 KB
2 KB 32ms
32ms Image
image/png 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:21:21 GMT
x-content-type-options: nosniff
age: 10869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 14 Feb 2023 15:21:21 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1D6D 15 KB
15 KB 32ms
32ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:47:12 GMT
x-content-type-options: nosniff
age: 268518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:47:12 GMT

POST
H3 204 auction Show response
intake.pbstck.com/v1/intake/ Frame B18C 0
121 B 36ms
35ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26c0495d37fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 auction Show response
intake.pbstck.com/v1/intake/ Frame B18C 0
121 B 43ms
42ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26c0495e37fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 1D6D 102 B
133 B 23ms
23ms Other
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7&co=aHR0cHM6Ly9saW5rMXMuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=gxl0b2vvr4d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 07 Feb 2023 18:22:30 GMT

POST
H3 204 auction Show response
intake.pbstck.com/v1/intake/ Frame 528D 0
121 B 37ms
37ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26c0798b37fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 impression Show response
intake.pbstck.com/v1/intake/ Frame 528D 0
121 B 36ms
36ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/impression?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26c0798e37fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dc_pre=CNPWrtiDhP0CFZqdmgod_mIKPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465
adservice.google.com/ddm/fls/z/ Frame FE22 42 B
401 B 121ms
49ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNPWrtiDhP0CFZqdmgod_mIKPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNPWrtiDhP0CFZqdmgod_mIKPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9388064908053.465?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.recaptcha.net/recaptcha/api2/ Frame 32CB 7 KB
1 KB 25ms
25ms Document
text/html 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fbdc0a4eebff64ec52d2286002eda1a8caadd65069d7fa065188209abad4b8f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9R5s23yvtqKc5FLNzpfVYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-9R5s23yvtqKc5FLNzpfVYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 18:22:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 32CB 55 KB
24 KB 28ms
28ms Stylesheet
text/css 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 18:01:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 32CB 406 KB
162 KB 31ms
31ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 08:52:32 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 38ms
8ms Script
application/javascript 2600:9000:211e:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 17:42:00 GMT
content-encoding: gzip
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2431
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: QOgWfOl9du5X8UULujQoOKtyWI54QMAS7nlxcVY1L8Dp09yVP0BkFg==

GET
H2 200 pixel;r=1983968417;labels=Categories.personal-finance%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flink1s.c...
pixel.quantserve.com/ 35 B
371 B 181ms
172ms Image
image/gif 2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1983968417;labels=Categories.personal-finance%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flink1s.com%2F6EONEO5;uht=2;fpan=1;fpa=P0-1641708056-1675794150565;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=link1s.com;dst=0;et=1675794150605;tzo=0;ogl=image.;ses=65b1cd1c-0bb6-427f-95a0-2ba17065fc58

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H3 204 viewability Show response
intake.pbstck.com/v1/intake/ Frame 1D4F 0
121 B 39ms
39ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/viewability?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26c44fd437fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 viewability Show response
intake.pbstck.com/v1/intake/ Frame 528D 0
121 B 35ms
34ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/viewability?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26c4985037fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3854 16 B
232 B 76ms
76ms Fetch
application/json 18.169.219.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.219.247 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-219-247.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Feb 2023 18:22:31 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 120ms
23ms Preflight 18.169.219.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.219.247 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-219-247.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://link1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:31 GMT
server: nginx

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2E8B 0
863 B 8ms
7ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3711&pub_id=2046825&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3711&pub_id=2046825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:31 GMT
AN-X-Request-Uuid: 1ca95fa7-2e48-4e6e-9085-828c33c0340b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 3854 0
953 B 37ms
36ms Ping
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Flink1s.com%2F6EONEO5&e=wqT_3QKWDPBMFgYAAAMA1gAFAQjlrYqfBhD_je3M7PXOsjIYl4mKzs6zm6saKjYJy7kUV5V9pz8RUwQ4vYv3oz8ZAAAAIIXr0T8hUwQ4vYv3oz8py7kJJPCqMQAAAEDheoQ_MPf2qAs4_xxAHUgIUPeNu7YBWOnZmAFgAGjAtFF4g8kEgAEBigEDVVNEkgEDRVVSmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYApZE4ALv-S7qAhpodHRwczovL2xpbmsxcy5jb20vNkVPTkVPNYADAIgDAZADAJgDF6ADAaoD1AYKiwZodHRwOi8vdGFncy5tYXRodGFnBTVUbm90aWZ5L2ltZz9leGNoPWFwbiZzXxUL8EZpZD01YVc5NXEyakx6SXpMeUF2VFZSUk0wMVVZekZOUkdOMFRucE9iVnBUTUhwUFIwVXhURlJCZDAxRVFYUk5SRUYzVFVSQgkQBGROARDwyUx6STVNamc0TkRneE56TTBNakV6TWprMk16RXZOall5TWpRd05DODBOVFl5TXpFeUx6RXpMMlpWYzNZek5scFlUV0pGU0VKNk1qVlFNR3hzWTJKdGVqbG1Oa1kyZWtSblRUVTFXbk01VEMxMloxVXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6STVPVGN3TVRRNU1UZ3ZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFUVhSTlJFRjNUVU13ZDAB5AhkTVYRIABFBRAF5ABUFfQMY3ZNQwl8CQhm_ACwZW5Kb0x6QXZOVEV6THpnd0x6azVPUzh6TWpJdk1UYzRMakUyTWk0eU1Ea3VNAVQ4akF3TUM4eE5qYzFOemswAczwcUx6RTJOelU0TURZM05Ea3ZNVE12TXpjeE1TOC9mUHJoT1kxcV9sdVBWZ2VSbmVNT29OX3JDTDgmbm9kZWlkPTM3NDcmZ3JvdXA9enJoJmF1Y3Rpb25pZD0yOTI4ODQ4MTczNDIxMzI5NjMxJnBic19hdW4iACRzaGFyZGtleT0yTj8A8IFyaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZWZpaWEmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS44MSZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjQwNCZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhMyOTI4ODQ4Ls8AqBoTMzYzMTM3NDI5NjQzNjkxODAxNSIJMzgyNjUwMTAzKgYxMDE5MzY6BzYJY_CQwAOsAsgDANgDjt3FAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzSoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBPeNu7YBiAUBmAUAoAXco7DTy9Ki42PABQDJBQAAAAAAAPA_0gUJCQAAAAUPcNgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGBSIwAPA_0Ab5qwHaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxyAeDyQTSBw0JETEBLwjaBwYBZ_DKGADgBwDqBwIIAPAHwvwDigivAQqqAQAAAYYtHW6IMmU7rsmbRv_r7w8jaHIiCLVygqv3N46gc5kTC-7qi1HJMcaBTivcZy9OzEbStGsfoH_NBQlkY_R2dr7cb_6QmM68KNJACMm34bNGKP1Qnw-gnZZVRB0o78KtSbMM2mEuUrvDzhQrQGtMakS1H1wX3SOAJs6Nq4rEMgV42Wg8lSImR5D637u_LiCMdh4lbh4Hq2zrYmNeuWR4IlErpyVxhxtXEAGVCAAAgD-YCAE.&s=8923c4de0821f12862ac377299527f8b7e26ddaa&type=pv&jm=1003&px=328&py=856&bw=970&bh=250&sf=1&sid=3299046171303151008&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23739255&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:31 GMT
AN-X-Request-Uuid: 5f09c867-4880-4c3a-9492-71502c0f397f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame A826 0
953 B 7ms
7ms Ping
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Flink1s.com%2F6EONEO5&e=wqT_3QLoFOhoCgAAAwDWAAUBCOWtip8GEOW14ZXshIyZDhgAKjYJehSuR-F6hD8R0XR2MjhKfj8ZAAAAIIXr0T8h0Q0SBCl7DSQQMQAAAEABLfB5MPf2qAs4_xxApxxIAlDnmN_EAVjp2ZgBYABowLRReMuHBoABAYoBA1VTRJIBA0VVUpgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA1Njc5NDQ2LCAwKTt1ZignaScsIDc5NDM2NTUVFCxnJywgMjAwOTU2MDUVFQBzARUcODE3ODQ4MzkVFjByJywgNDEyNjAxNDQ3BRbwvJICyQ4hUG5DT2t3aldrYU1hRU9lWTM4UUJHQUFnNmRtWUFUQUJPQUJBQUVpbkhGRDM5cWdMV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVFLb0FRS3dBUUM1QVlhajgxbERDSU1fd1FIVzJsem80WHFFUDhrQkFBQUFBQUFBOERfWkFYY1FPMVBvdk8wXzRBSG42LVFEOVFFQUFJQkFtQUlBb0FJQ3RRSUFBQUFBdlFJQQE78J93QUlCeUFJQjBBSUIyQUlCNEFJQTZBSUEtQUlCZ0FNQm1BTUJvZ01PQ0xxczV5Z1FCQmdCTFVNVGJEcWlBdzRJdDZTU0tCQUtHQUV0QUFDQVA2SUREZ2pCeUwwb0VBc1lBaTBBQUFBQXVnTUpSbEpCTVRvMk5UazA0QU8xTUlBRTU5MkdDb2dFenQ2R0NwQUVBSmdFQktvRXRRY0lfX19fJSgUX19fQVJEAQcNAQw4QkdQDQsBAQh3RWcBBxEBEEFTZ0lNNiAAADQRHAEBBEFVNkwAAFMyLAAERlEBJBEBCEFWahELFF9fXzhCWTYsAABvARYRAQRBWDZYABRlQUdBQWYRHiHwBEdJOhAAAFE6EAAAWToQAABnOhAAAG86EAAAdzoQAAA0NhAAAEg6gAAASDqAACBIUUFmZjJxQXY6eAAASDp4AABIOngAAEg6eAAgSDRBYm9HZ0FMAeYNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLh0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAAh3UVGhkwkBCE1rRQkJAQEYRFlCQUR4QgELDQFMaUFYQ001Z0ZoLVN1aGdHcEJYY1Gx_AhzUVUNJhRBQUFNRUYBBwkBCERKQhFjDFBBXzAuKAAETmsVKLg4RF9nQmVnSDhBWDF4TW9KLUFYVzB0b0NnZ1lEUlZWU2lBWUFrQVlCbUFZQW9RWQlbNEFBUVFLZ0dCTElHSkFrERQIQUFCHccEQmsZGABDHRhETGdHQ2cuLpoCmQEhWkJTZHNROk0HLE9uWm1BRWdBQ2dBTRHBiEJCQU9nbEdVa0V4T2pZMU9UUkF0VEJKZHhBN1UtaTg3VDlSGW4EQlodDABoHQwAcB0MAHgdDAw0QUlrNXDw3jhEOC7YApZE4ALv-S7qAhpodHRwczovL2xpbmsxcy5jb20vNkVPTkVPNYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA47dxQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTM0qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEAMgEANIEDjM2MjMjRlJBMTo2NTk02gQCCAHgBAHwBOeY38QBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAFDmjYBQHgBQHwBTb6BQQIABAAkAYAmAYAuAYAwQYFICwA8D_QBpgO2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHy4cG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=e4d783212579fe62b5fa9dccea0ecba8839aee7b&type=pv&jm=1003&px=328&py=415&bw=970&bh=250&sf=1&sid=3299046171303151008&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23739255&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:31 GMT
AN-X-Request-Uuid: 24ee0ff9-894e-4281-8056-fd646fd6b61f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 viewability Show response
anz.audiencemanager.de/log/ad/ Frame A826 43 B
295 B 35ms
34ms Fetch
image/gif 3.251.34.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anz.audiencemanager.de/log/ad/viewability?id=63c50f5f293004695e28b70d&adId=e33e2063e296e5ed5f49396608556291737444&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&ntuId=820c4f0716fb32e19e5010e56698d3228178a0976b0a6b7b98fc5f4f846bb522&cb=1675802734&lsUserId=null&time=1&percentage=51&hless=0&jsCurl=https%3A%2F%2Flink1s.com%2F6EONEO5
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.34.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-34-9.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:31 GMT
server: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by: PHP/7.2.9
requestid: e33e2063e296e75435b0233004005720177850
content-type: image/gif
status: 200 OK
hostname: 10-0-13-161
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
responsetime: 6
content-length: 43

GET
H2 200 view
liift-trc.audiencemanager.de/ Frame A826 0
0 32ms
32ms Fetch
text/html 54.72.202.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://liift-trc.audiencemanager.de/view?dataRequestId=1022933008400276197&campaignId=63c53984745a1feac2025ff2&tagId=23739255&w=970&h=250&cb=1675802840&time=1&percent=51&hless=0&jscurl=https%3A%2F%2Flink1s.com%2F6EONEO5
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.202.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-202-70.eu-west-1.compute.amazonaws.com
Software: swoole-http-server /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:31 GMT
cache-control: no-cache
server: swoole-http-server
content-length: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal900018.redintelligence.net/ Frame 949B 0
150 B 34ms
12ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/viewability?s=58086800162205400951435012228018&a=d43cdb68&vb=v
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/request_content.php?s=58086800162205400951435012228018&a=2f0dab39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 viewability Show response
intake.pbstck.com/v1/intake/ Frame 1D4F 0
121 B 38ms
38ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/viewability?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26c6aba737fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 viewability Show response
intake.pbstck.com/v1/intake/ Frame 528D 0
121 B 56ms
56ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/viewability?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=DE
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795e26c74c7237fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame B18C 87 KB
28 KB 69ms
33ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Feb 2023 18:22:32 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame B18C 89 KB
29 KB 65ms
32ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
server: nginx
etag: W/"63c74972-162fb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Feb 2023 18:22:32 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 1D4F 87 KB
28 KB 24ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Feb 2023 18:22:32 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 1D4F 89 KB
29 KB 40ms
40ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
server: nginx
etag: W/"63c74972-162fb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Feb 2023 18:22:32 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 528D 87 KB
28 KB 23ms
22ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Feb 2023 18:22:32 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 0D1B 0
0 15ms
15ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1675794149291

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync-all.html Show response
adxbid.info/ Frame 33FB 7 KB
3 KB 62ms
24ms Document
text/html 2606:4700:e0::ac40:6705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 795e26cf7da39054-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x713NLcWCTMHAtMP3CnjH9bztX2rOh6fur7aWX9q%2FrgbIwpHejhQhIJ9PtbZz3bfyiF4SFR%2Bwtf2h4sigiwPwb0hi00bitdxLI4Kpl%2F574wHvYYJZxGeOOOEr5TU8JxAtg%2Bbl3tYUG8gNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B1C9 52 KB
17 KB 9ms
9ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 52793
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 07 Feb 2023 18:22:32 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 22, 219448
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230045-FRA
X-Timer: S1675794153.837739,VS0,VE0

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 475D 604 B
783 B 14ms
14ms Document
text/html 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 6af3f2a6d70631dc5b03d0c3bcff0909a86ff8afe8551f99134f7e6095929435

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 604
content-type: text/html

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 20C3 16 KB
6 KB 120ms
22ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=22608
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 07 Feb 2023 18:22:32 GMT
expires: Wed, 08 Feb 2023 00:39:20 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 475D
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=75d82d98-f77a-44d1-9979-a9b7273b5122&ssp=between&gdpr=&gdpr_consent=

43 B
106 B

99ms
20ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=75d82d98-f77a-44d1-9979-a9b7273b5122&ssp=between&gdpr=&gdpr_consent=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=75d82d98-f77a-44d1-9979-a9b7273b5122&ssp=between&gdpr=&gdpr_consent=
Date: Tue, 07 Feb 2023 18:22:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 475D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1ualowUEx0RTJ1RWlqTWFtazUycThHM1NUeHBfeGtPbFA3TEdjZEUtfkE%3D&gdpr=0

68 B
607 B

15ms
14ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1ualowUEx0RTJ1RWlqTWFtazUycThHM1NUeHBfeGtPbFA3TEdjZEUtfkE%3D&gdpr=0
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1ualowUEx0RTJ1RWlqTWFtazUycThHM1NUeHBfeGtPbFA3TEdjZEUtfkE%3D&gdpr=0
date: Tue, 07 Feb 2023 18:22:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 btw
sync.dmp.otm-r.com/match/ Frame 475D 0
69 B 74ms
12ms Image
text/plain 195.201.152.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/btw?id=a440e22a-3d79-5226-acbb-451acf59d3ff
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.152.107 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.107.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:32 GMT
server: nginx/1.17.6

GET
H2

200

match
ads.betweendigital.com/ Frame 475D
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usP29rwFbMO3.AikABlGGLR1-jA

68 B
607 B

13ms
12ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usP29rwFbMO3.AikABlGGLR1-jA
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
server: nginx
x-backend-id: f16-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usP29rwFbMO3.AikABlGGLR1-jA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B1C9 0
863 B 9ms
9ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:32 GMT
AN-X-Request-Uuid: 7cebe175-6c03-4aed-a1a5-d233f8d2e29d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 8FA1 4 KB
1 KB 122ms
7ms Document
text/html 151.236.118.210
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a440e22a-3d79-5226-acbb-451acf59d3ff&CACHEBUSTER=589219
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 07 Feb 2023 18:22:33 GMT
etag: W/"638623e5-e7e"
last-modified: Tue, 29 Nov 2022 15:23:17 GMT
server: nginx
x-cdn-edge-cache: HIT
x-cdn-edge-id: 311
x-cdn-request-id: 12b36a256dff547bf466d4584c6d3aca

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 5A49 0
159 B 16ms
15ms Document
text/html 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: text/html

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5ED2 16 KB
6 KB 67ms
23ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=22608
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 07 Feb 2023 18:22:32 GMT
expires: Wed, 08 Feb 2023 00:39:20 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 658F 52 KB
17 KB 7ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 52793
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 07 Feb 2023 18:22:32 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 22, 219449
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230045-FRA
X-Timer: S1675794153.895104,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame D428 0
0 15ms
15ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1675794149288

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync-all.html Show response
adxbid.info/ Frame 136C 7 KB
3 KB 24ms
24ms Document
text/html 2606:4700:e0::ac40:6705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 795e26cf9dd79054-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdNT0GsUz9BZk5WmV16%2FR7Db87n29YhH5fLHmc9IFsScxRjuCsk94tpefHp5Zcp6hC9L3cnDincMXQYCiHBbGnISTZ1aO12lQv8waEmFCQBcJiwqCJUPf0rWbgeZ0vV5hwmJirZbs3wL6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 204 /
onetag-sys.com/usync/ Frame A885 0
0 17ms
14ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1675794149502

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame F5BA 0
159 B 16ms
13ms Document
text/html 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: text/html

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D1F1 16 KB
6 KB 36ms
20ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=22608
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 07 Feb 2023 18:22:32 GMT
expires: Wed, 08 Feb 2023 00:39:20 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0BE5 52 KB
17 KB 8ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 52793
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 07 Feb 2023 18:22:32 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 22, 219450
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230045-FRA
X-Timer: S1675794153.923009,VS0,VE0

GET
H2 200 sync-all.html Show response
adxbid.info/ Frame C14D 7 KB
3 KB 24ms
23ms Document
text/html 2606:4700:e0::ac40:6705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 795e26cfce2a9054-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQ0vXxzFkoC5%2BTYTsiZ6Ax78BecuMIYkrV0cXqIJHHb7K0iucUO6Dqv05CMK0j1k%2F9zxn%2BamfLqk958rWX1as8Evkqr%2B7vuPjArO1jaJjfe4%2BPTzjtVFl5tAgr9fqEhGBQawIG4%2BtG9IQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 getuid
eb2.3lift.com/ Frame 33FB 37 B
139 B 62ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 658F 0
863 B 7ms
7ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:32 GMT
AN-X-Request-Uuid: 31f7eb44-23ee-4f85-98f4-060e492c40e2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 / Show response
link1s.com/sbbi/ Frame D9DF 532 B
486 B 6733ms
6733ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=QA&sbbgs=h4f1d2a26bb25517911d65a0d9a2ce203670&ddl=-163
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://link1s.com
Referer: https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=QA&sbbgs=h4f1d2a26bb25517911d65a0d9a2ce203670&ddl=-163
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 18:22:32 GMT
server: fbs
x-accel-expires: 0
x-hw: 1675794152.cds272.fr8.hn,1675794152.cds228.fr8.sc,1675794152.cdn2-wafbe02-fra1.stackpath.systems.-.i,1675794152.cds228.fr8.p

GET
H2 200 getuid
eb2.3lift.com/ Frame 136C 37 B
140 B 16ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0BE5 0
863 B 9ms
9ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:32 GMT
AN-X-Request-Uuid: 7eae229f-7c7a-484f-9949-fb445ad61358
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 getuid
eb2.3lift.com/ Frame C14D 37 B
139 B 9ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D1F1 5 KB
6 KB 124ms
13ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85447430&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 85bb57a01daae26fd644b32f20338c7b07b59b9184c62b3aa99c8a8bd7e487f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 18:22:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 136C
Redirect Chain

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739

86 B
564 B

63ms
15ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
content-length: 86
content-type: image/png

Redirect headers

Location: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739
Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 33FB
Redirect Chain

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739

86 B
564 B

63ms
16ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
content-length: 86
content-type: image/png

Redirect headers

Location: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739
Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame C14D
Redirect Chain

https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739

86 B
564 B

64ms
16ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
content-length: 86
content-type: image/png

Redirect headers

Location: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=9bab70080d98f5cfdaa95c94aac14ee8effa6b486130b4cf74228747a249d739
Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 8FA1
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=79b04f57-acc2-4297-8511-2f22765a5bb3&ssp=between&gdpr=&gdpr_consent=

43 B
356 B

65ms
19ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=79b04f57-acc2-4297-8511-2f22765a5bb3&ssp=between&gdpr=&gdpr_consent=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=79b04f57-acc2-4297-8511-2f22765a5bb3&ssp=between&gdpr=&gdpr_consent=
Date: Tue, 07 Feb 2023 18:22:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame E161
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=

35 B
477 B

25ms
25ms

Document
image/gif

37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Tue, 07 Feb 2023 18:22:33 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Tue, 07 Feb 2023 18:22:33 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 34F0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7fe63e2-96e6-4d00-be93-63a4dbc07294&gdpr=0&gdpr_consent=

42 B
405 B

154ms
153ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7fe63e2-96e6-4d00-be93-63a4dbc07294&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 07 Feb 2023 18:22:33 GMT
Expires: Tue, 07 Feb 2023 18:22:32 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 441 9053ffc master zrh-pixel-x28 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7fe63e2-96e6-4d00-be93-63a4dbc07294&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C5E9
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=428985312418118942

42 B
194 B

155ms
154ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=428985312418118942
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=428985312418118942
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 6BEA 43 B
363 B 93ms
17ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 18:22:32 GMT
expires: Tue, 07 Feb 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 553806
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B9BE
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uswlpLXJJaChniOjv8ht87XPI6WhnSOkuc8BPSKS

42 B
340 B

153ms
153ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uswlpLXJJaChniOjv8ht87XPI6WhnSOkuc8BPSKS
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Tue, 07 Feb 2023 18:22:33 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uswlpLXJJaChniOjv8ht87XPI6WhnSOkuc8BPSKS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame BDDD 43 B
855 B 231ms
117ms Document
image/gif 52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 Feb 2023 18:22:33 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: TFWBF77T2XRMXYSBP4SV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 41A4
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1897824813687407767&gdpr=0&gdpr_consent=

42 B
219 B

155ms
154ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1897824813687407767&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 97bb803d-7368-487e-bcbc-ad37184e5983
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Feb 2023 18:22:33 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1897824813687407767&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8F18
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7197481081972193431&gdpr=0&gdpr_consent=

42 B
243 B

161ms
155ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7197481081972193431&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Tue, 07 Feb 2023 18:22:33 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7197481081972193431&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A695
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=chZLR3MPQDpwLQOVyA_EQbKi0YY&gdpr=0&gdpr_consent=

42 B
301 B

154ms
154ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=chZLR3MPQDpwLQOVyA_EQbKi0YY&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Feb 2023 18:22:33 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=chZLR3MPQDpwLQOVyA_EQbKi0YY&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 39CE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_KW6QADoAP_zQBh&gdpr=1&gdpr_consent=&_test=Y_KW6QADoAP_zQBh

0
74 B

153ms
153ms

Document
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_KW6QADoAP_zQBh&gdpr=1&gdpr_consent=&_test=Y_KW6QADoAP_zQBh
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Tue, 07 Feb 2023 18:22:33 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_KW6QADoAP_zQBh&gdpr=1&gdpr_consent=&_test=Y_KW6QADoAP_zQBh
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230122-FRA
x-timer: S1675794153.317443,VS0,VE0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame EB1C
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKX2lVN0h4UzRBQUNDNDRxT0F5QQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJ_iU7HxS4AACC44qOAyA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJ_iU7HxS4AACC44qOAyA&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJ_iU7HxS4AACC44qOAyA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5803091091849309759&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_iU7HxS4AACC44qOAyA&gdpr=0&gdpr_consent=

42 B
199 B

155ms
155ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_iU7HxS4AACC44qOAyA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 07 Feb 2023 18:22:33 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_iU7HxS4AACC44qOAyA&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 5B45
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675794153190
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6586380883

70 B
264 B

33ms
33ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6586380883
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 07 Feb 2023 18:22:33 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Tue, 07 Feb 2023 18:22:33 GMT
etag: RX5a75edf6ede54ef481dbb47578f60a9d003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6586380883
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CECB
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

154ms
154ms

Document
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:22:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Tue, 07 Feb 2023 18:22:33 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 0FA9 43 B
277 B 202ms
112ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 Feb 2023 18:22:33 GMT
Vary: Accept-Encoding
X-adserver-worker: erebus-c19a71b980bd@version_1.535
X-core-time: 0ms
X-server-arch: v2

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame A782 0
0 41ms
11ms Document
text/plain 157.90.40.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

157.90.40.26 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.26.40.90.157.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Tue, 07 Feb 2023 18:22:33 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame C107
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
410 B

190ms
181ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 795e26d2aafc6913-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:33 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 795e26d1593d6913-FRA
content-type: text/html
date: Tue, 07 Feb 2023 18:22:33 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 1202

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame A541 43 B
370 B 61ms
19ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Tue, 07 Feb 2023 18:22:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

404

gdpr_consent= Show response
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/ Frame 7657
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...

49 B
266 B

463ms
163ms

Document
image/gif

184.169.232.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYMhgMUSTSXQXUhjW%2526gdpr%253D0%2526gdpr_consent%253D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.232.193 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-232-193.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 49
content-type: image/gif
date: Tue, 07 Feb 2023 18:22:33 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.41.20.169

Redirect headers

content-length: 0
location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYMhgMUSTSXQXUhjW%2526gdpr%253D0%2526gdpr_consent%253D

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D1F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e6me93yWRdKfw1tb8_tWdw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

4 KB
4 KB

21ms
21ms

Image
text/html

2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=22607
accept-ranges: bytes
content-length: 5554
expires: Wed, 08 Feb 2023 00:39:20 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

404

gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/ Frame D1F1
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...

49 B
265 B

505ms
165ms

Image
image/gif

184.169.232.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Server: 184.169.232.193 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-232-193.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.41.11.167
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0

GET
H2

202

Artemis
aud.pubmatic.com/AdServer/ Frame D1F1
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&addseg=19,36,42

0
0

514ms
155ms

Image
application/json

204.237.133.247
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Server: 204.237.133.247 Ambler, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Tue, 07 Feb 2023 18:22:33 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D1F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0JBOTlFRjctN0M5Ni00NUQyLTlGQzMtNUI1QkYzRkI1Njc3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
113 B

154ms
154ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D1F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFh4dacoew5RULVNWycSMSA&google_cver=1

42 B
377 B

155ms
154ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFh4dacoew5RULVNWycSMSA&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFh4dacoew5RULVNWycSMSA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame D1F1 43 B
612 B 80ms
18ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 06 Feb 2023 18:22:33 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D1F1
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2229061586835553493

42 B
298 B

160ms
156ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2229061586835553493
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2229061586835553493
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D1F1 70 B
264 B 35ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame D1F1 43 B
235 B 427ms
161ms Image
image/gif 35.212.133.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.212.133.238 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.133.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D1F1 43 B
426 B 121ms
34ms Image
image/gif 2a05:d018:d29:3605:bb48:7fbf:8788:cd62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:bb48:7fbf:8788:cd62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D1F1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_DxrQIhE2uW6d7EFYaUc7lkf_SJZxx0-~A&gdpr=0

0
261 B

559ms
182ms

Image
text/plain

104.36.113.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_DxrQIhE2uW6d7EFYaUc7lkf_SJZxx0-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Server: 104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 17:43:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_DxrQIhE2uW6d7EFYaUc7lkf_SJZxx0-~A&gdpr=0
date: Tue, 07 Feb 2023 18:22:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame D1F1 0
104 B 109ms
27ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame D1F1 0
191 B 521ms
154ms Image
text/plain 209.25.233.254
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.25.233.254 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D1F1
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2457898670943841534&gdpr=0&gdpr_consent=&us_privacy=

1 B
195 B

157ms
156ms

Image
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2457898670943841534&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2457898670943841534&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 07 Feb 2023 18:22:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D1F1
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:14f822ee-5b3f-4186-a735-3771e8acd545&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

154ms
153ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:14f822ee-5b3f-4186-a735-3771e8acd545&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:14f822ee-5b3f-4186-a735-3771e8acd545&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 07 Feb 2023 18:22:33 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D1F1
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1897824813687407767

42 B
95 B

155ms
154ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1897824813687407767
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:33 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 07 Feb 2023 18:22:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8ad99e67-c581-48ed-ab41-f4c59b4d1d82
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1897824813687407767
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 viewability Show response
anz.audiencemanager.de/log/ad/ Frame A826 43 B
295 B 39ms
39ms Fetch
image/gif 3.251.34.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anz.audiencemanager.de/log/ad/viewability?id=63c50f5f293004695e28b70d&adId=e33e2063e296e5ed5f49396608556291737444&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&ntuId=820c4f0716fb32e19e5010e56698d3228178a0976b0a6b7b98fc5f4f846bb522&cb=1675802734&lsUserId=null&time=3&percentage=100&hless=0&jsCurl=https%3A%2F%2Flink1s.com%2F6EONEO5
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.34.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-34-9.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
server: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by: PHP/7.2.9
requestid: e33e2063e296e954536567101830345943886
content-type: image/gif
status: 200 OK
hostname: 10-0-13-161
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
responsetime: 8
content-length: 43

GET
H2 200 view
liift-trc.audiencemanager.de/ Frame A826 0
0 32ms
32ms Fetch
text/html 54.72.202.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://liift-trc.audiencemanager.de/view?dataRequestId=1022933008400276197&campaignId=63c53984745a1feac2025ff2&tagId=23739255&w=970&h=250&cb=1675802840&time=3&percent=100&hless=0&jscurl=https%3A%2F%2Flink1s.com%2F6EONEO5
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.202.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-202-70.eu-west-1.compute.amazonaws.com
Software: swoole-http-server /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
cache-control: no-cache
server: swoole-http-server
content-length: 0
content-type: text/html

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 64A9 49 KB
18 KB 203ms
19ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Tue, 07 Feb 2023 18:22:33 GMT
etag: W/"63e28045-c234"
last-modified: Tue, 07 Feb 2023 16:45:57 GMT
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AcO1qhEVQyr/KBUAAA
x-77-nzt-ray: 4c156224ab535edbe996e26349b19026
x-77-pop: frankfurtDE
x-accel-expires: @1676825537
x-age: 5416
x-cache: HIT

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 9F73 49 KB
18 KB 209ms
29ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Tue, 07 Feb 2023 18:22:33 GMT
etag: W/"63e28045-c234"
last-modified: Tue, 07 Feb 2023 16:45:57 GMT
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AcO1qhEsPar/KBUAAA
x-77-nzt-ray: 4c156224ab535edbe996e263feaeb126
x-77-pop: frankfurtDE
x-accel-expires: @1676825537
x-age: 5416
x-cache: HIT

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 8370 49 KB
18 KB 214ms
35ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Tue, 07 Feb 2023 18:22:33 GMT
etag: W/"63e28045-c234"
last-modified: Tue, 07 Feb 2023 16:45:57 GMT
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AcO1qhHBpmb/KBUAAA
x-77-nzt-ray: 4c156224ab535edbe996e263180bd326
x-77-pop: frankfurtDE
x-accel-expires: @1676825537
x-age: 5416
x-cache: HIT

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 136C
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6fhDinjgSSuLnpkJSAAA%261179

86 B
696 B

15ms
15ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6fhDinjgSSuLnpkJSAAA%261179
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
content-length: 86
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXHSGE8NL62VyEYBSQi4FzVZr3uz3Apz0XBv479skuggD4y8XOLiL0hODlocjTdjSVQch3CmrtVYunY5%2FOlEoUeCK4OTqgrEk9YJh6zs4%2BEXipiTCq08PlxbKo35jk9PtAuMxmJp"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6fhDinjgSSuLnpkJSAAA%261179
cache-control: no-cache
cf-ray: 795e26d4f90c68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 33FB
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6TSLyaHSi5Am8NCJwwAA%261104

86 B
696 B

15ms
14ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6TSLyaHSi5Am8NCJwwAA%261104
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
content-length: 86
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a183FvmPLjWi14w6wd0jr6KyLn%2BA8yx96NRhV2b92NAfWImO6M66xwVo%2BsXvIu4hhNEZBkQQaFv1Y7dCt6Wl6flbLxISBwupjwnC7fcTMyeBUlT1OUyFkLJ5SEo3%2BtKFO4M7Wr9n"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6TSLyaHSi5Am8NCJwwAA%261104
cache-control: no-cache
cf-ray: 795e26d4f8ff68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame C14D
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6Tobtz9LxcBCJgFz5wAA%261204

86 B
696 B

16ms
15ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6Tobtz9LxcBCJgFz5wAA%261204
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
content-length: 86
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B916d%2BaUwpmZURawTeCyiwPLCP4Qqb09B0GtMT%2Fr2JYn64TWkkJpYkVI1zMQ%2BHnTH6Oz1kS6aJEBEH%2BDfXiKRHeq%2BsvX7wDIr97qdMiFM%2B94LehU72A8SfC%2By7lA8oa%2BbMd6497e"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.KW6Tobtz9LxcBCJgFz5wAA%261204
cache-control: no-cache
cf-ray: 795e26d4f8f468ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 64A9 855 B
728 B 122ms
25ms XHR
application/json 2a02:6ea0:f400::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:f400::4 Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d9db0ba02426d917a997ec9eb1de668305ae4122cc73dd88c43e79ca0961661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-pop: zagrebHR
date: Tue, 07 Feb 2023 18:22:33 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 5291
x-77-nzt: AamW8oqjbGb/qxQAAA
x-accel-expires: @1676825662
last-modified: Tue, 07 Feb 2023 16:51:40 GMT
server: CDN77-Turbo
etag: W/"63e2819c-357"
x-77-nzt-ray: bcd92b1fbfb7b591e996e263d6c57d32
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H2

200

640bb404-a714-11ed-86e0-002590c0647c
an.yandex.ru/mapuid/adsniperis/ Frame 8FA1
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjprYqfBqIBEGQLtASnFBHthuAAJZDAZHw*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=640bb404-a714-11ed-86e0-002590c0647c
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=640bb404-a714-11ed-86e0-002590c0647c&bounce=1
https://sync.bumlam.com/?src=aid1&uid=nhryOs1GV5uXav2Zj%2BYVmg&
https://an.yandex.ru/mapuid/adsniperis/640bb404-a714-11ed-86e0-002590c0647c
https://an.yandex.ru/mapuid/adsniperis/640bb404-a714-11ed-86e0-002590c0647c?redir-setuniq=1

43 B
108 B

53ms
53ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/640bb404-a714-11ed-86e0-002590c0647c?redir-setuniq=1

Requested by

Host: link1s.com
URL: https://link1s.com/6EONEO5

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 18:22:34 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 07 Feb 2023 18:22:34 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 18:22:34 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/adsniperis/640bb404-a714-11ed-86e0-002590c0647c?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 07 Feb 2023 18:22:34 GMT

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 9F73 855 B
727 B 75ms
26ms XHR
application/json 2a02:6ea0:f400::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:f400::4 Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d9db0ba02426d917a997ec9eb1de668305ae4122cc73dd88c43e79ca0961661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-pop: zagrebHR
date: Tue, 07 Feb 2023 18:22:33 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 5291
x-77-nzt: AamW8oqLuFn/qxQAAA
x-accel-expires: @1676825662
last-modified: Tue, 07 Feb 2023 16:51:40 GMT
server: CDN77-Turbo
etag: W/"63e2819c-357"
x-77-nzt-ray: bcd92b1fbfb7b591e996e26377338432
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 8370 855 B
727 B 45ms
26ms XHR
application/json 2a02:6ea0:f400::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:f400::4 Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d9db0ba02426d917a997ec9eb1de668305ae4122cc73dd88c43e79ca0961661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-pop: zagrebHR
date: Tue, 07 Feb 2023 18:22:33 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 5291
x-77-nzt: AamW8opzHDf/qxQAAA
x-accel-expires: @1676825662
last-modified: Tue, 07 Feb 2023 16:51:40 GMT
server: CDN77-Turbo
etag: W/"63e2819c-357"
x-77-nzt-ray: bcd92b1fbfb7b591e996e26357258732
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4C01 16 KB
6 KB 24ms
23ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=22607
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 07 Feb 2023 18:22:33 GMT
expires: Wed, 08 Feb 2023 00:39:20 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0D8A 16 KB
6 KB 26ms
26ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=22607
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 07 Feb 2023 18:22:33 GMT
expires: Wed, 08 Feb 2023 00:39:20 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C757 16 KB
6 KB 24ms
24ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=22607
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 07 Feb 2023 18:22:33 GMT
expires: Wed, 08 Feb 2023 00:39:20 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 33FB 0
277 B 77ms
17ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Feb 2023 18:22:33 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame C14D 0
277 B 78ms
19ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Feb 2023 18:22:33 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 136C 0
277 B 80ms
22ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Feb 2023 18:22:33 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B1C9 0
863 B 8ms
8ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:33 GMT
AN-X-Request-Uuid: 395d8fd1-9a33-4c38-af1b-85c034285fd8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 658F 0
863 B 9ms
8ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:33 GMT
AN-X-Request-Uuid: a34159ad-2be5-41f3-a674-6561aad9eb51
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 33FB 0
239 B 12ms
12ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame C14D 0
239 B 27ms
15ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 136C 0
239 B 36ms
12ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 33FB
Redirect Chain

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881

86 B
812 B

17ms
16ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:34 GMT
content-length: 86
content-type: image/png

Redirect headers

location: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881
date: Tue, 07 Feb 2023 18:22:33 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame C14D
Redirect Chain

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881

86 B
812 B

15ms
14ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:34 GMT
content-length: 86
content-type: image/png

Redirect headers

location: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881
date: Tue, 07 Feb 2023 18:22:33 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0BE5 0
863 B 8ms
8ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 18:22:33 GMT
AN-X-Request-Uuid: 2203fa16-3a95-4f98-a4ff-dc62cd096dc2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame 136C
Redirect Chain

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881

86 B
812 B

17ms
16ms

Image
image/png

135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:34 GMT
content-length: 86
content-type: image/png

Redirect headers

location: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=8439582860916855881
date: Tue, 07 Feb 2023 18:22:34 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame EB4E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

24ms
23ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a440e22a-3d79-5226-acbb-451acf59d3ff&CACHEBUSTER=589219
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Feb 2023 18:22:34 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 07 Feb 2023 18:22:34 GMT
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EB4E 33 KB
10 KB 14ms
14ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07bdb215b4725fdc08a3aa5ef110a97212da1ec587f838d0d2ebdc145fe7513f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 04:39:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37002
Connection: keep-alive
Content-Length: 10006
Expires: Wed, 08 Feb 2023 04:39:16 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame EB4E 284 B
536 B 12ms
12ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

589219
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 8FA1
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/589219
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/589219

43 B
297 B

43ms
43ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/589219
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:34 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:34 GMT
strict-transport-security: max-age=2678400
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/589219
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 8FA1
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=a440e22a-3d79-5226-acbb-451acf59d3ff&expires=60
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=79b04f57-acc2-4297-8511-2f22765a5bb3

35 B
289 B

332ms
87ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=79b04f57-acc2-4297-8511-2f22765a5bb3
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:34 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://cache.betweendigital.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Location: //e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=79b04f57-acc2-4297-8511-2f22765a5bb3
Date: Tue, 07 Feb 2023 18:22:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 /
onetag-sys.com/usync/ Frame 505E 0
0 14ms
14ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a440e22a-3d79-5226-acbb-451acf59d3ff&CACHEBUSTER=589219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame D1F1 0
128 B 166ms
155ms Script
text/plain 104.36.113.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 viewability Show response
anz.audiencemanager.de/log/ad/ Frame A826 43 B
295 B 46ms
46ms Fetch
image/gif 3.251.34.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anz.audiencemanager.de/log/ad/viewability?id=63c50f5f293004695e28b70d&adId=e33e2063e296e5ed5f49396608556291737444&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&ntuId=820c4f0716fb32e19e5010e56698d3228178a0976b0a6b7b98fc5f4f846bb522&cb=1675802734&lsUserId=null&time=5&percentage=100&hless=0&jsCurl=https%3A%2F%2Flink1s.com%2F6EONEO5
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.34.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-34-9.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:35 GMT
server: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by: PHP/7.2.9
requestid: 24bb8363e296eb538001138798791778539907
content-type: image/gif
status: 200 OK
hostname: 10-0-13-90
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
responsetime: 6
content-length: 43

GET
H2 200 view
liift-trc.audiencemanager.de/ Frame A826 0
0 33ms
33ms Fetch
text/html 54.72.202.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://liift-trc.audiencemanager.de/view?dataRequestId=1022933008400276197&campaignId=63c53984745a1feac2025ff2&tagId=23739255&w=970&h=250&cb=1675802840&time=5&percent=100&hless=0&jscurl=https%3A%2F%2Flink1s.com%2F6EONEO5
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.202.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-202-70.eu-west-1.compute.amazonaws.com
Software: swoole-http-server /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:35 GMT
cache-control: no-cache
server: swoole-http-server
content-length: 0
content-type: text/html

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 64A9 0
0 22ms
20ms Image
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2

204

pbscookie
a.vidoomy.com/api/rtbserver/ Frame 64A9
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8439582860916855881&vid=a6f37f0123013099a595be2217fc435a&dspid=adf

0
195 B

142ms
31ms

Image
text/plain

52.58.67.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8439582860916855881&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 52.58.67.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-161.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:35 GMT
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8439582860916855881&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
date: Tue, 07 Feb 2023 18:22:35 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 64A9 0
191 B 158ms
155ms Image
text/plain 209.25.233.254
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3DCEN
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.25.233.254 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 07 Feb 2023 18:22:34 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

204

pbscookie
a.vidoomy.com/api/rtbserver/ Frame 9F73
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8439582860916855881&vid=a6f37f0123013099a595be2217fc435a&dspid=adf

0
195 B

147ms
37ms

Image
text/plain

52.58.67.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8439582860916855881&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 52.58.67.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-161.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:35 GMT
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=8439582860916855881&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
date: Tue, 07 Feb 2023 18:22:35 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9F73 0
0 33ms
30ms Image
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/ Frame 9F73
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=79b04f57-acc2-4297-8511-2f22765a5bb3&google_hm=NzliMDRmNTctYWNjMi00Mjk3LTg1MTEtMmYyMjc2NWE1YmIz
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE00SOTh3yOKTWo937nEbSo&google_cver=1&ssp=vidoomy&bsw_param=79b04f57-acc2-4297-8511-2f22765a5bb3
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=79b04f57-acc2-4297-8511-2f22765a5bb3

43 B
467 B

7ms
7ms

Image
image/gif

52.58.67.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=79b04f57-acc2-4297-8511-2f22765a5bb3
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 52.58.67.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-161.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:35 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=79b04f57-acc2-4297-8511-2f22765a5bb3
Date: Tue, 07 Feb 2023 18:22:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8370 0
0 23ms
21ms Image
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8370 0
191 B 156ms
154ms Image
text/plain 209.25.233.254
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3DCEN
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 209.25.233.254 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 07 Feb 2023 18:22:35 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

204

pbscookie
a.vidoomy.com/api/rtbserver/ Frame 8370
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx&ox_sc=1
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4e0d4b33-0dbb-4af0-b4bd-e151fe5d7c9b&vid=a6f37f0123013099a595be2217fc435a&dspid=openx

0
196 B

43ms
9ms

Image
text/plain

52.58.67.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4e0d4b33-0dbb-4af0-b4bd-e151fe5d7c9b&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 52.58.67.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-161.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 18:22:35 GMT
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:35 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4e0d4b33-0dbb-4af0-b4bd-e151fe5d7c9b&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: e8khfeptsc1iqpku8r8cnlce20fke8jd

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 20C3 1 KB
1 KB 14ms
13ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15217532&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c1dae9b962060f0be54145b8eb5a964ce07d5f0ef3e962dafcbc2157c3c8a10c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 07 Feb 2023 18:22:34 GMT
content-length: 1031
content-type: text/html; charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5ED2 1 KB
1 KB 13ms
13ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12397426&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c1dae9b962060f0be54145b8eb5a964ce07d5f0ef3e962dafcbc2157c3c8a10c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 07 Feb 2023 18:22:35 GMT
content-length: 1031
content-type: text/html; charset=UTF-8

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame F05E 43 B
282 B 81ms
14ms Document
image/gif 173.231.180.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ams-delivery-4.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Tue, 07 Feb 2023 18:22:36 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-1

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 25D1
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=3xgqnz1wlox8

42 B
291 B

154ms
154ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=3xgqnz1wlox8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Tue, 07 Feb 2023 18:22:36 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=3xgqnz1wlox8
lws: 125
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 92BC
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:595CD457632A41A8BC85F50B666EBC78&gdpr=0&gdpr_consent=

1 B
53 B

154ms
153ms

Document
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:595CD457632A41A8BC85F50B666EBC78&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:22:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Tue, 07 Feb 2023 18:22:36 GMT
expires: Mon, 06 Feb 2023 18:22:36 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:595CD457632A41A8BC85F50B666EBC78&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 20C3
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent=

42 B
602 B

28ms
28ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Server: 77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:40 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:40 GMT
frontend-id: 2
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 20C3 95 B
193 B 23ms
21ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 795e26e3286f3a6c-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200

p
a.audrte.com/ Frame 20C3
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
https://a.audrte.com/p

68 B
424 B

98ms
98ms

Image
image/png

35.172.92.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Server: 35.172.92.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-92-2.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:36 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 07 Feb 2023 18:22:36 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 20C3
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2320150942
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677

0
284 B

65ms
19ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:35 GMT
via: 1.1 google
last-modified: Tue, 07 Feb 2023 18:22:36 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
date: Tue, 07 Feb 2023 18:22:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 5ED2
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

31ms
31ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Server: 77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:40 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:40 GMT
frontend-id: 2
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5ED2 95 B
152 B 21ms
20ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 795e26e338733a6c-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200

p
a.audrte.com/ Frame 5ED2
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
https://a.audrte.com/p

68 B
424 B

97ms
97ms

Image
image/png

35.172.92.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: HTTP/1.1
Server: 35.172.92.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-92-2.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 18:22:36 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 07 Feb 2023 18:22:36 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 5ED2
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=9004281
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677

0
45 B

65ms
20ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:35 GMT
via: 1.1 google
last-modified: Tue, 07 Feb 2023 18:22:36 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
date: Tue, 07 Feb 2023 18:22:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 815E 43 B
281 B 73ms
15ms Document
image/gif 173.231.180.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ams-delivery-4.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Tue, 07 Feb 2023 18:22:36 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-1

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2943
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=g4vq6wj9qjhd

42 B
416 B

154ms
154ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=g4vq6wj9qjhd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 07 Feb 2023 18:22:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Tue, 07 Feb 2023 18:22:36 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=g4vq6wj9qjhd
lws: 90
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E226
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:595CD457632A41A8BC85F50B666EBC78&gdpr=0&gdpr_consent=

1 B
53 B

154ms
153ms

Document
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:595CD457632A41A8BC85F50B666EBC78&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:22:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Tue, 07 Feb 2023 18:22:36 GMT
expires: Mon, 06 Feb 2023 18:22:36 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:595CD457632A41A8BC85F50B666EBC78&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4C01 188 B
457 B 13ms
12ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27936492&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6d7762c8c8c9541d25da5994f33f396e499338d8753afbc732efd07dd34d61fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 07 Feb 2023 18:22:35 GMT
content-length: 188
content-type: text/html; charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C757 188 B
355 B 13ms
12ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72543402&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6d7762c8c8c9541d25da5994f33f396e499338d8753afbc732efd07dd34d61fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 07 Feb 2023 18:22:36 GMT
content-length: 188
content-type: text/html; charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0D8A 188 B
336 B 13ms
13ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23919680&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6d7762c8c8c9541d25da5994f33f396e499338d8753afbc732efd07dd34d61fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 07 Feb 2023 18:22:36 GMT
content-length: 188
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK setuid Show response
user-sync.adxpremium.services/ Frame F58D 86 B
952 B 15ms
14ms Document
image/png 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 86
content-type: image/png
date: Tue, 07 Feb 2023 18:22:36 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 4C01 49 B
265 B 165ms
163ms Image
image/gif 184.169.232.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.232.193 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-232-193.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:36 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.41.15.136
content-length: 49
expires: 0

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame C757 49 B
264 B 164ms
163ms Image
image/gif 184.169.232.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.232.193 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-232-193.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:36 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.41.8.246
content-length: 49
expires: 0

GET
H/1.1 200
OK setuid Show response
user-sync.adxpremium.services/ Frame 8D3A 86 B
952 B 16ms
15ms Document
image/png 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 86
content-type: image/png
date: Tue, 07 Feb 2023 18:22:36 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 0D8A 49 B
265 B 163ms
163ms Image
image/gif 184.169.232.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.169.232.193 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-184-169-232-193.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:36 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.41.22.144
content-length: 49
expires: 0

GET
H/1.1 200
OK setuid Show response
user-sync.adxpremium.services/ Frame 76C1 86 B
952 B 15ms
15ms Document
image/png 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 86
content-type: image/png
date: Tue, 07 Feb 2023 18:22:36 GMT

GET
H/1.1 200
OK setuid Show response
user-sync.adxpremium.services/ Frame 64A9 86 B
1 KB 15ms
14ms Document
image/png 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 86
content-type: image/png
date: Tue, 07 Feb 2023 18:22:37 GMT

GET
H/1.1 200
OK setuid Show response
user-sync.adxpremium.services/ Frame 8370 86 B
1 KB 15ms
14ms Document
image/png 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 86
content-type: image/png
date: Tue, 07 Feb 2023 18:22:37 GMT

GET
H/1.1 200
OK setuid Show response
user-sync.adxpremium.services/ Frame 9F73 86 B
1 KB 15ms
15ms Document
image/png 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 86
content-type: image/png
date: Tue, 07 Feb 2023 18:22:37 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 20C3 0
128 B 170ms
168ms Script
text/plain 104.36.113.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:37 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 5ED2 0
48 B 169ms
168ms Script
text/plain 104.36.113.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:37 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7D14 15 KB
6 KB 19ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=link1s.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 18:22:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 1032078
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET /
link1s.com/sbbi/ Frame D9DF 0
0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7D14
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=link1s.com&sn=ChromeSyncframe&so=3&topUrl=link1s.com&bundle=VcZ49l8yVmVYZ0VkWURhenhCeCUyQkJ0dWtyNndlNXJEY3MlMkZqNU1SOHZUbWJiVHd1TXhvS1Ridn...
https://mug.criteo.com/sid?cpp=Gs_6cHxqdS9ncWQ4aUNocndUbTJZc3h0Y2xMK1IyYStEYlBsTUJPS3ltVE9VNC9hRjhpdU5aWlFhby9ma0RiYW1jc0xnZm44U2lzNVFMV2NaOS92cnFBeFhZb3FOSHNER21Gdk1OVFoyUDZERlpPUk8wWmdEdStTZzhVNm...

443 B
654 B

23ms
23ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Gs_6cHxqdS9ncWQ4aUNocndUbTJZc3h0Y2xMK1IyYStEYlBsTUJPS3ltVE9VNC9hRjhpdU5aWlFhby9ma0RiYW1jc0xnZm44U2lzNVFMV2NaOS92cnFBeFhZb3FOSHNER21Gdk1OVFoyUDZERlpPUk8wWmdEdStTZzhVNmFGaU9FdFk3REpJSTlRU0RHMkhLQ1lOa2NFYmZna012Vm5VZEVkMlpHckZlbUcxUHZweXdsVCtPYTgrREJUSWVwcnB3U0FZWVZ6TXRwNmVrdmd5RlNHWXpaUEFoQ0taWWZ4UkFWZTdRTW95dTRFQ3A5bHcvVjZNN25EcW5vaFh0OTJsZlZJWGQ4b0IvK0N4U3JDcjVQMVo1SGl1eS9ucWN4cE1yVGQzdjl0azdzMWYzRzdJMD18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

64b9985551bd2633014dfd4e0815a6237102e0f3be66e02a7287acfa0d428e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 6749065
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:22:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Gs_6cHxqdS9ncWQ4aUNocndUbTJZc3h0Y2xMK1IyYStEYlBsTUJPS3ltVE9VNC9hRjhpdU5aWlFhby9ma0RiYW1jc0xnZm44U2lzNVFMV2NaOS92cnFBeFhZb3FOSHNER21Gdk1OVFoyUDZERlpPUk8wWmdEdStTZzhVNmFGaU9FdFk3REpJSTlRU0RHMkhLQ1lOa2NFYmZna012Vm5VZEVkMlpHckZlbUcxUHZweXdsVCtPYTgrREJUSWVwcnB3U0FZWVZ6TXRwNmVrdmd5RlNHWXpaUEFoQ0taWWZ4UkFWZTdRTW95dTRFQ3A5bHcvVjZNN25EcW5vaFh0OTJsZlZJWGQ4b0IvK0N4U3JDcjVQMVo1SGl1eS9ucWN4cE1yVGQzdjl0azdzMWYzRzdJMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 703771
content-length: 0
expires: 0

GET
H2 200 viewability Show response
anz.audiencemanager.de/log/ad/ Frame A826 43 B
295 B 36ms
35ms Fetch
image/gif 3.251.34.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anz.audiencemanager.de/log/ad/viewability?id=63c50f5f293004695e28b70d&adId=e33e2063e296e5ed5f49396608556291737444&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&ntuId=820c4f0716fb32e19e5010e56698d3228178a0976b0a6b7b98fc5f4f846bb522&cb=1675802734&lsUserId=null&time=10&percentage=100&hless=0&jsCurl=https%3A%2F%2Flink1s.com%2F6EONEO5
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.34.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-34-9.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:40 GMT
server: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by: PHP/7.2.9
requestid: 24bb8363e296f0539460345653921919570582
content-type: image/gif
status: 200 OK
hostname: 10-0-13-90
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
responsetime: 5
content-length: 43

GET
H2 200 view
liift-trc.audiencemanager.de/ Frame A826 0
0 34ms
34ms Fetch
text/html 54.72.202.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://liift-trc.audiencemanager.de/view?dataRequestId=1022933008400276197&campaignId=63c53984745a1feac2025ff2&tagId=23739255&w=970&h=250&cb=1675802840&time=10&percent=100&hless=0&jscurl=https%3A%2F%2Flink1s.com%2F6EONEO5
Requested by: Host: link1s.com
URL: https://link1s.com/6EONEO5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.202.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-202-70.eu-west-1.compute.amazonaws.com
Software: swoole-http-server /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:22:40 GMT
cache-control: no-cache
server: swoole-http-server
content-length: 0
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: link1s.com
URL: https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=QA

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

131 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
link1s.com/	1969-12-31 23:59:59	Name: SPSI Value: d38e7277fcf99beeaa3871f2c14617f7
link1s.com/	1969-12-31 23:59:59	Name: SPSE Value: P2r6Wzed4iJ2HtoB8pcDEnrLQFTMe8L/d7RiNtxAEsvwKOnf4VOVN5lELZa8zR+/U2F2FsVJFeX8p0dkGTsArQ==
link1s.com/	1970-01-20 09:30:01	Name: spcsrf Value: 5caa4c8eeea07f1f9b4f2740e96af422
link1s.com/	1969-12-31 23:59:59	Name: AppSession Value: 0idisktodecocn6v175q5f7qqj
link1s.com/	1969-12-31 23:59:59	Name: csrfToken Value: 238b4bfed4a7b549e3e42267c2420569c7f47c7c86ccd8432034ac75093dcc318b7d72d459eee67a28c286a23a610a6fb20915b3a6da048746b51029c45bb6ce
link1s.com/	1970-01-20 09:29:54	Name: sp_lit Value: lxVFZW+5LvIZoIlwKhzP3w==
.link1s.com/	1970-01-20 19:05:54	Name: _ga Value: GA1.2.657712977.1675794149
.link1s.com/	1970-01-20 09:31:20	Name: _gid Value: GA1.2.311395970.1675794149
.link1s.com/	1970-01-20 09:29:54	Name: _gat_gtag_UA_129758818_7 Value: 1
link1s.com/	1969-12-31 23:59:59	Name: PRLST Value: QA
link1s.com/	1970-01-20 13:49:06	Name: UTGv2 Value: h4f1d2a26bb25517911d65a0d9a2ce203670
.lv.adocean.pl/	1970-01-20 18:58:42	Name: GAD Value: KlQC1RMGQMGG1wi17BShBqlissGMXP8cERySssX6nssGvaGpI7EPoSJZL1BGG7_DGtGiXD3nGLGK4rH8G9krsss6Ss8.
link1s.com/	1970-01-20 10:13:06	Name: _pbjs_userid_consent_data Value: 3524755945110770
.hit.gemius.pl/	1970-01-20 18:58:42	Name: Gdyn Value: KlGKXMGGQMQGILUelQShBqlissGMD19cL6nxGsRP5SbtGKGGqXj5LGllleX2GGiNxFm_ERSG
.betweendigital.com/	1970-01-20 18:15:30	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 18:15:30	Name: ss Value: 1
.betweendigital.com/	1970-01-20 18:15:30	Name: unm Value: 1
.betweendigital.com/	1970-01-20 18:15:30	Name: tuuid Value: a440e22a-3d79-5226-acbb-451acf59d3ff
.adnxs.com/	1970-01-20 11:39:30	Name: uuid2 Value: 1897824813687407767
link1s.com/	1970-01-20 09:29:55	Name: stpdOrigin Value: {"origin":"direct"}
.adnxs.com/	1970-01-20 11:39:30	Name: icu Value: ChgI6fZ8EAoYAiACKAIw5a2KnwY4AkACSAIQ5a2KnwYYAQ..
.rlcdn.com/	1970-01-20 18:15:30	Name: rlas3 Value: liy9FtJ1rncDH7EdMdv+K0jkOLKUiMEKGWtCDS1ksGg=
.rlcdn.com/	1970-01-20 10:56:18	Name: pxrc Value: COWtip8GEgYIkLwrEAA=
.company-target.com/	1970-01-20 19:05:54	Name: tuuid Value: 3fa0b30c-b408-46d3-983d-4728a962a37a
.company-target.com/	1970-01-20 19:05:54	Name: tuuid_lu Value: 1675794149
.tapad.com/	1970-01-20 10:56:18	Name: TapAd_TS Value: 1675794149749
.tapad.com/	1970-01-20 10:56:18	Name: TapAd_DID Value: f565fc1f-03ac-4b0c-a193-1a10aac323da
link1s.com/	1969-12-31 23:59:59	Name: ab Value: 2
.onaudience.com/	1970-01-20 18:15:30	Name: cookie Value: 3fbaf68782d26bc4
.onaudience.com/	1970-01-20 09:31:20	Name: done_redirects147 Value: 1
.id5-sync.com/	1970-01-20 09:29:54	Name: cf Value:
.id5-sync.com/	1970-01-20 09:29:54	Name: cip Value:
.id5-sync.com/	1970-01-20 09:29:54	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:29:54	Name: car Value:
.id5-sync.com/	1970-01-20 09:29:54	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:29:54	Name: callback Value:
.link1s.com/	1970-01-20 10:10:13	Name: sharedid Value: d3ed39d2-ff74-46e0-9dc5-55e301eb8e49
.hit.gemius.pl/	1970-01-20 09:39:58	Name: grtb_hc_data_redir_xnjrkiktyj Value: 1
.zeotap.com/	1970-01-20 18:15:30	Name: zc Value: 872cbdf4-c1b4-4648-46e5-fab299c994cc
.zeotap.com/	1970-01-20 09:31:20	Name: zsc Value: %1E%97%10%E8%04%0B%95%09g%A0%1180%92%E36%89f6%D4%C9%B4%B7%C2%9Eo%AC%C5%D4%C9%8C4Qq%D0%0E%18q%09%E0%E7D%D6%9Fd+7.2%DA%BBh%E4l9%A3%14%0E%DBk%CD%E9%9E%9B%CB%3E%B1%F9%21M%068%1A%AC%2Be%8A%90%D6%EB%FB%FCI
.link1s.com/	1970-01-20 18:51:30	Name: cto_bundle Value: VcZ49l8yVmVYZ0VkWURhenhCeCUyQkJ0dWtyNndlNXJEY3MlMkZqNU1SOHZUbWJiVHd1TXhvS1Ridng1RVRtbGtXVUpNbHFzUTZObnhEeFc0eHNxOW51M0d1Q09Jem5iazlKZTJVRSUyRnRicEhhMk1HQ3JvYzRlOElTOTQlMkJmNmpSa3hEMGpEc0Ix
.link1s.com/	1970-01-20 18:51:30	Name: cto_bidid Value: RAboRl9NU0hId29HR05tdG85M3VseEdKNkdWTFhpZloza3B3JTJCbGVOR1BkVjQ3eTV4TklEbjlFNzF1YWpIYyUyRiUyRlhMbjlZRDNxQ2hOT20yZzdyaTBoU2Zsd0NrQSUzRCUzRA
.redintelligence.net/	1970-01-20 11:39:30	Name: 8lcfmzhxc8d6_uid Value: 126247cb0cefeb13
.doubleclick.net/	1970-01-20 18:51:30	Name: IDE Value: AHWqTUmLv9LscqlP1qT9J1l3cJwe_795GxCEHgv0rIvkqZfncGRiHhUAuHL8AkkHOt8
.mathtag.com/	1970-01-20 18:55:49	Name: uuid Value: c7fe63e2-96e6-4d00-be93-63a4dbc07294
.cpx.to/	1970-01-20 18:15:30	Name: cpSess Value: d0f239a497cffa5
.amazon-adsystem.com/	1970-01-20 15:09:44	Name: ad-id Value: A5a-0ZI9u0HLsAB9p4x-Ua4
.amazon-adsystem.com/	1970-01-20 19:05:54	Name: ad-privacy Value: 0
.retailads.net/	1970-01-20 10:13:06	Name: ppb2172 Value: 2219836856
.cpx.to/	1970-01-20 18:15:30	Name: dsp_app_nexus Value: 1897824813687407767#1675794150282
.futalis.de/	1970-01-20 10:56:18	Name: raSIDb Value: 2219836856
.cpx.to/	1970-01-20 18:15:30	Name: dsp_dbm Value: CAESENQfgxqDAmai4GvclcYrSfg#1675794150317
.office-partner.de/	1970-01-20 19:05:54	Name: source Value: {"webgains_webgains":{"timestamp":1675794150400,"clickCookie":false}}
pb.media01.eu/	1970-01-20 19:05:54	Name: DTU Value: FDAFC900A998C24BEA4375F93AB02BE6
.quantserve.com/	1970-01-20 19:00:08	Name: mc Value: 63e296e6-ac537-e90c3-bc250
.link1s.com/	1970-01-20 18:54:22	Name: __qca Value: P0-1641708056-1675794150565
.pubmatic.com/	1970-01-20 18:15:30	Name: KADUSERCOOKIE Value: 7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677
.cpx.to/	1970-01-20 18:15:30	Name: dsp_pubmatic Value: 7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677#1675794150948
link1s.com/	1969-12-31 23:59:59	Name: adOtr Value: 7e32d78f7fc
.adhigh.net/	1970-01-20 18:15:30	Name: gi_u Value: usP29rwFbMO3.AikABlGGLR1-jA
.adhigh.net/	1970-01-20 18:15:30	Name: btw_sync Value: LKpv
.adform.net/	1970-01-20 10:10:13	Name: C Value: 1
.adfarm1.adition.com/	1970-01-20 11:39:30	Name: UserID1 Value: 7197481081972193431
.adform.net/	1970-01-20 10:56:18	Name: uid Value: 8439582860916855881
.ctnsnet.com/	1970-01-20 18:15:30	Name: cid_b64b60f732364a378e387ef631fb6d16 Value: 1
.onaudience.com/	1970-01-20 09:31:20	Name: done_redirects104 Value: 1
.fiftyt.com/	1970-01-20 18:15:30	Name: fifid Value: 1e593ecf-9676-4fa9-649d-8cb8d4a16b12
.fiftyt.com/	1970-01-20 18:15:30	Name: cs Value: MTY3NTc5NDE1M3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fGIdZ9XYRZCllS4unwlwfvW7Kwm1QW-NCvgWFUvRxDlj
.1rx.io/	1970-01-20 18:15:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5a75edf6-ede5-4ef4-81db-b47578f60a9d-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.simpli.fi/	1970-01-20 18:16:56	Name: suid Value: 595CD457632A41A8BC85F50B666EBC78
.fiftyt.com/	1970-01-20 09:39:58	Name: fppm Value: 20230207182233
.de17a.com/	1970-01-20 18:08:18	Name: guid Value: 1.428985312418118942
.turn.com/	1970-01-20 13:49:06	Name: uid Value: 2457898670943841534
.quantserve.com/	1970-01-20 11:39:30	Name: d Value: EPYBCwGeKPijAA
.everesttech.net/	1970-01-20 18:15:30	Name: everest_g_v2 Value: g_surferid~Y_KW6QADoAP_zQBh
ads.playground.xyz/	1970-01-20 09:39:44	Name: connect.sid Value: s%3AqJ9aTJQL1I8mY9IHETx-LVdMI_BJTSGf.grqZyRkdH70NdqjhirtFR7VFwkvL6XMWTllhXFKPpgg
.adsby.bidtheatre.com/	1970-01-20 09:39:58	Name: __kuid Value: 14f822ee-5b3f-4186-a735-3771e8acd545.445008153
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_80 Value: 16514-CAESEFh4dacoew5RULVNWycSMSA&KRTB&22987-CAESEFh4dacoew5RULVNWycSMSA&KRTB&23025-CAESEFh4dacoew5RULVNWycSMSA&KRTB&23386-CAESEFh4dacoew5RULVNWycSMSA
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_57 Value: 22776-1897824813687407767&KRTB&23339-1897824813687407767
.bidr.io/	1970-01-20 18:58:24	Name: bito Value: AAJ_iU7HxS4AACC44qOAyA
.bidr.io/	1970-01-20 18:58:24	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_1101 Value: 23040-7197481081972193431&KRTB&23278-7197481081972193431&KRTB&23369-7197481081972193431
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_391 Value: 22924-2229061586835553493&KRTB&23263-2229061586835553493
.yahoo.com/	1970-01-20 18:15:51	Name: A3 Value: d=AQABBOmW4mMCEEnY1bQi4T1qawR7UA-khacFEgEBAQHo42PsYwAAAAAA_eMAAA&S=AQAAAo08hULJF7vtfO2WP0MoBeI
.as.ck-ie.com/	1970-01-20 09:39:58	Name: CID Value: 3115bf065759613b436ca2405b84baa50cd65b01
.csync.loopme.me/	1970-01-20 11:38:03	Name: viewer_token Value: 6bae1ff2-9347-45b2-8941-f0e96fd7a971
.bidswitch.net/	1970-01-20 18:15:30	Name: c Value: 1675794153
.bidswitch.net/	1970-01-20 18:15:30	Name: tuuid_lu Value: 1675794153
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_27 Value: 16735-uid:c7fe63e2-96e6-4d00-be93-63a4dbc07294&KRTB&16736-uid:c7fe63e2-96e6-4d00-be93-63a4dbc07294&KRTB&23019-uid:c7fe63e2-96e6-4d00-be93-63a4dbc07294&KRTB&23114-uid:c7fe63e2-96e6-4d00-be93-63a4dbc07294
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_336 Value: 5844-428985312418118942
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_22 Value: 14911-2457898670943841534&KRTB&23150-2457898670943841534
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_153 Value: 1923-uswlpLXJJaChniOjv8ht87XPI6WhnSOkuc8BPSKS&KRTB&19420-uswlpLXJJaChniOjv8ht87XPI6WhnSOkuc8BPSKS&KRTB&22979-uswlpLXJJaChniOjv8ht87XPI6WhnSOkuc8BPSKS&KRTB&23403-uswlpLXJJaChniOjv8ht87XPI6WhnSOkuc8BPSKS
.analytics.yahoo.com/	1970-01-20 18:15:30	Name: IDSYNC Value: 18z8~29v6
sync.srv.stackadapt.com/	1970-01-20 18:15:30	Name: sa-user-id Value: s%3A0-72164b47-730f-403a-702d-0395c80fc441.hyyXi3VD6hmm10GfX%2BliCxzL6kv9HFc83BCd%2FuXad9Q
.srv.stackadapt.com/	1970-01-20 18:15:30	Name: sa-user-id-v2 Value: s%3AchZLR3MPQDpwLQOVyA_EQbKi0YY.krb3KcY8tS%2BdNiG7pUJ43migp5gH8coWjQZTBWuZOEM
.betweendigital.com/	1970-01-20 18:15:30	Name: ut Value: Y-KW6QAIUOgc5pt2woNuNQruJZ6ecTMo_5ptXw==
.tribalfusion.com/	1970-01-20 11:39:30	Name: ANON_ID Value: aPnseFwZcF1eoXarpfrg0w5vG6qPiIJOOpOIGtmGVkZcYon4262q4EDN6njOlFNTdf9dA37nRYFJNC7pI2oVnu
.bidswitch.net/	1970-01-20 18:15:30	Name: tuuid Value: 79b04f57-acc2-4297-8511-2f22765a5bb3
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_860 Value: 16335-chZLR3MPQDpwLQOVyA_EQbKi0YY&KRTB&23334-chZLR3MPQDpwLQOVyA_EQbKi0YY&KRTB&23417-chZLR3MPQDpwLQOVyA_EQbKi0YY&KRTB&23426-chZLR3MPQDpwLQOVyA_EQbKi0YY
.casalemedia.com/	1970-01-20 11:39:30	Name: CMPS Value: 1179
.casalemedia.com/	1970-01-20 18:15:30	Name: CMID Value: Y.KW6fhDinjgSSuLnpkJSAAA
.casalemedia.com/	1970-01-20 11:39:30	Name: CMPRO Value: 1179
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 2f63ea2d56ae3457
.bumlam.com/	1970-01-20 19:05:54	Name: suuid3 Value: IiQ2NDBiYjQwNC1hNzE0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.smartadserver.com/	1970-01-20 18:57:15	Name: pid Value: 5803091091849309759
.smartadserver.com/	1970-01-20 18:57:15	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 18:15:30	Name: csync Value: 127:AAJ_iU7HxS4AACC44qOAyA
.aidata.io/	1970-01-20 19:05:54	Name: __upin Value: nhryOs1GV5uXav2Zj+YVmg
.aidata.io/	1970-01-20 19:05:54	Name: __upints Value: 1675794153
.adxpremium.services/	1970-01-20 11:39:30	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiODQzOTU4Mjg2MDkxNjg1NTg4MSIsImV4cGlyZXMiOiIyMDIzLTAyLTIxVDE5OjIyOjM0LjA0MjYxNTc0NiswMTowMCJ9LCJpeCI6eyJ1aWQiOiJZLktXNlRvYnR6OUx4Y0JDSmdGejV3QUFcdTAwMjYxMjA0IiwiZXhwaXJlcyI6IjIwMjMtMDItMjFUMTk6MjI6MzMuODA0ODk0OTI0KzAxOjAwIn0sInNtYXJ0eWFkcyI6eyJ1aWQiOiI5YmFiNzAwODBkOThmNWNmZGFhOTVjOTRhYWMxNGVlOGVmZmE2YjQ4NjEzMGI0Y2Y3NDIyODc0N2EyNDlkNzM5IiwiZXhwaXJlcyI6IjIwMjMtMDItMjFUMTk6MjI6MzMuNDU4MTQ0MzM4KzAxOjAwIn19LCJiZGF5IjoiMjAyMy0wMi0wN1QxOToyMjozMy40NTgxNDQwMTMrMDE6MDAifQ==
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_699 Value: 22727-AAJ_iU7HxS4AACC44qOAyA
.yandex.ru/	1970-01-20 19:05:54	Name: yuidss Value: 8514201181675794154
.yandex.ru/	1970-01-20 19:05:54	Name: yandexuid Value: 8514201181675794154
.tns-counter.ru/	1970-01-20 18:15:30	Name: guid Value: 7E85681C63E296EAX1675794154
.pubmatic.com/	1970-01-20 10:13:06	Name: SPugT Value: 1675794153
.openx.net/	1970-01-20 18:15:30	Name: i Value: a47ffba5-1da3-46ee-85e7-e9ac1b218deb\|1675794155
.vidoomy.com/	1970-01-20 18:15:30	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6Ijc5YjA0ZjU3LWFjYzItNDI5Ny04NTExLTJmMjI3NjVhNWJiMyIsImV4cGlyZXMiOjE2NzgzODYxNTV9fX0=
.pubmatic.com/	1970-01-20 11:39:30	Name: SyncRTB3 Value: 1676937600%3A176_238_22_234_165_7_55_220_161_233_71_166_13_254_204_21_99_243_81_251_214_8_88_3_56_54%7C1676332800%3A223_2_15%7C1680912000%3A69%7C1678320000%3A203%7C1677024000%3A35%7C1676592000%3A63
.weborama.fr/	1970-01-20 18:55:49	Name: AFFICHE_W Value: xNa009gHzYPE21
.semasio.net/	1970-01-20 18:15:30	Name: SEUNCY Value: 8F449CD48F8A1619
.audrte.com/	1970-01-20 09:51:30	Name: arcki2 Value: f00JSIJQeO5S4ercfzwnlOHOQ!20220908!1675794156400!ip#178.162.209.134
.audrte.com/	1970-01-20 09:51:30	Name: arcki2_pubmatic Value: 7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677!20220908!1675794156404
.gammaplatform.com/	1970-01-20 09:31:20	Name: _aGeoIp Value: US\|San_Antonio
.gammaplatform.com/	1970-01-20 19:05:54	Name: _aUID Value: g4vq6wj9qjhd
.pubmatic.com/	1970-01-20 10:13:06	Name: KRTBCOOKIE_1310 Value: 23431-g4vq6wj9qjhd&KRTB&23446-g4vq6wj9qjhd
.pubmatic.com/	1970-01-20 10:13:06	Name: PugT Value: 1675794155
.ads.pubmatic.com/	1970-01-20 09:31:20	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 11:39:30	Name: chkChromeAb67Sec Value: 3
.pubmatic.com/	1970-01-20 09:31:20	Name: pi Value: 0:4
.pubmatic.com/	1970-01-20 11:39:30	Name: DPSync3 Value: 1676937600%3A235_219_241_221_201_197_226_227_245
.ads.pubmatic.com/	1970-01-20 09:31:20	Name: pubsyncexp Value: 1675815756890

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1675794148200/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1675794148200/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/_1675794148200/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/_1675794148200/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1675794148844/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1675794148844/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/_1675794148844/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/_1675794148844/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1675794148924/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1675794148924/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/_1675794148924/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/_1675794148924/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v94.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYMhgMUSTSXQXUhjW%2526gdpr%253D0%2526gdpr_consent%253D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3fbaf68782d26bc4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7BA99EF7-7C96-45D2-9FC3-5B5BF3FB5677&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-server.eu
ad.doubleclick.net
ad.turn.com
adlv.hit.gemius.pl
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.themoneytizer.com
adservice.google.com
adtrack.adleadevent.com
adv.office-partner.de
adx.adform.net
adxbid.info
ajax.googleapis.com
an.yandex.ru
analytics.webgains.io
anz.audiencemanager.de
ap.lijit.com
api.webgains.io
as.ck-ie.com
aud.pubmatic.com
bh.contextweb.com
bidder.criteo.com
boot.pbstck.com
c.cintnetworks.com
c.tmyzer.com
c1.adform.net
cache.betweendigital.com
cdn.adnxs.com
cdn.pbstck.com
cdn.retailads.net
cdn.track.production.webgains.team
ced.sascdn.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d2zur9cc2gf1tx.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
futalis.de
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hal9000.redintelligence.net
hal900018.redintelligence.net
hbopenbid.pubmatic.com
i.imgur.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
intake.pbstck.com
ipac.ctnsnet.com
liift-trc.audiencemanager.de
link1s.com
ls.hit.gemius.pl
lv.adocean.pl
m.exactag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
medialead.de
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
node.setupad.com
odr.mookie1.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pb.media01.eu
pixel-eu.onaudience.com
pixel-eu.onprospects.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
pubmatic-match.dotomi.com
pv.medialead.de
px.adhigh.net
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.cpx.to
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssp.web1s.com
ssum.casalemedia.com
static.criteo.net
stpd.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.mathtag.com
sync.srv.stackadapt.com
tag.leadplace.fr
tags.mathtag.com
token.rubiconproject.com
track.webgains.com
trc.audiencemanager.de
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
user-sync.adxpremium.services
vid.vidoomy.com
visitor.fiftyt.com
vpaid.vidoomy.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
link1s.com
104.36.113.107
104.36.113.111
104.96.145.246
108.128.16.246
13.248.245.213
135.125.163.79
141.94.170.77
141.94.171.213
141.94.240.143
141.94.242.206
142.250.186.134
142.250.186.34
142.251.39.6
144.76.91.199
145.239.193.130
145.239.193.51
145.40.88.5
146.59.30.104
15.197.193.217
151.101.1.108
151.101.2.49
151.101.65.108
151.139.128.10
151.236.118.210
157.90.40.26
159.65.196.12
159.89.246.130
159.89.25.223
162.19.138.116
172.64.154.237
173.231.180.197
178.250.0.163
178.250.2.146
18.130.177.194
18.144.106.164
18.169.219.247
18.215.132.94
18.66.15.16
184.169.232.193
185.106.140.18
185.184.8.90
185.29.132.245
185.29.134.245
185.64.189.115
185.86.139.57
188.42.191.196
193.232.150.149
195.201.152.107
195.5.165.20
198.148.27.140
199.232.16.193
2.16.186.26
2.18.233.201
2.18.36.193
2001:678:cb4:bbbb::11
2001:6d0:4001::226
204.237.133.116
204.237.133.247
209.25.233.254
213.155.156.180
213.19.147.45
213.202.235.9
216.52.2.48
23.37.42.132
2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348
2600:9000:211e:ba00:6:44e3:f8c0:93a1
2606:4700:10::6816:15d
2606:4700:10::6816:1957
2606:4700:10::ac43:1997
2606:4700:20::681a:8b2
2606:4700:20::ac43:4bf1
2606:4700::6812:19ad
2606:4700::6812:1e31
2606:4700::6812:272
2606:4700:e0::ac40:6705
2620:100:a005::17
2a00:1450:4001:802::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:400d:804::2008
2a00:1450:400d:805::2003
2a00:1450:400d:806::2002
2a00:1450:400d:806::200a
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2003
2a01:4f8:d0a:2321::2
2a02:2638::1c
2a02:2638::3
2a02:6b8::90
2a02:6ea0:c700::19
2a02:6ea0:f400::4
2a02:fa8:8806:13::1400
2a05:d018:d29:3605:bb48:7fbf:8788:cd62
2a0b:4d07:401::1
3.251.34.9
31.172.81.158
34.102.253.54
34.111.129.221
34.111.131.239
34.91.62.186
34.96.71.22
34.98.67.61
35.172.92.2
35.186.193.173
35.186.253.211
35.190.60.146
35.201.96.126
35.212.133.238
35.214.223.115
35.227.197.177
37.157.2.237
37.252.171.149
37.252.171.22
37.252.171.84
49.12.16.151
51.144.7.192
51.75.86.98
52.18.129.185
52.210.230.133
52.220.229.2
52.30.21.143
52.46.128.147
52.58.67.161
52.95.115.255
54.38.133.12
54.38.133.13
54.38.64.100
54.72.202.70
54.76.176.197
65.9.58.151
65.9.66.42
69.173.144.139
69.173.144.165
77.243.60.138
8.2.110.113
85.114.159.118
88.198.250.30
88.99.165.19
89.108.120.76
94.23.99.218
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
030a17400c9d927c20f409c868c05e478af9d628c80dfc669cb2d7d348d1afa8
0313c42048efbbd0b5ea187ac6bb5f9f6fb8a99776b3cb981c346243b8e0e978
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
07bdb215b4725fdc08a3aa5ef110a97212da1ec587f838d0d2ebdc145fe7513f
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0eaee741cff05047dc7513ffacf9c11ab52c277383f407cdc67d8d8f66991247
11df2dc07c63969d57ae27289c430fc5f630dd67616d73d73b02d0bb34c6340d
1558cb5226371cc0f5aeeccf65f4e3d833c5f2a61731b1d0e3b38afdabdc05ae
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19258dc4303d934eb1a25b3194f9b45d2543e69d8cc3aa86a44535020f2c7620
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
243ff4b38ca5fe323056ea75585fb66ec3ed73293eac13e7d215376f1418eb4a
25ed7fb38a25100c42289b33ef84dd115e4266393c8d8d32c29d45208358e172
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2a15822e997e4b7b172e4b1e4c1366dd01f10ff936a8971ce15510f207b5d25c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ba03f0403679507b35a2853531e10ccfd33d8460d72db2cf841d3ad79b44a4e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f0612c128c32bd7d8aa589e9009f764fd99c6601862151fd1ea82c30d436b6f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32d82a0e3a4c3971ef25823c2a240204b5afc35e4156af7f6a842374a03147e0
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e9997d651343a9a81e233f3527a1e5935c0a801c6338310ca1d1e031637fd12
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4490d0650e3dfb1cbad3fff7bd9d56e557e3894956c4ba05900723803fab21ff
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
519d5bd967e0830146e37151a545865f3d8ce232d3586b5f65e7bed8baefb871
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558db525f765f6ef667db94de5e0c1c3747ea20cc7d26983587ad607c0b9631f
562ffbe0429a2fba75097d2da54772d0d76ea731401f2575d5a00ca48649f21f
566b4487beba6a178a9503dbedc97d9b0d3104669a66a8cc8ba359469836a4e1
56790de2716fb106cfc5fe644691d28a64f8a48b0f0fd323195a3d324e4d7567
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59ffef33f33fcefc350de23b9fe8e788056dc0a17251b149281fd220d1a40453
5c3832e9c25021f23e5d62fd7540248aefaa10e31af5e05b10d8b585945584a9
5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b
6234203b7fb9d740f58301e4ada2e695dc6feda41f4aab6943ed94b79052cb7c
628df093648df73d0dbff4905ba7262d40e4e70bead5b3ae73ab4634965719fb
64b9985551bd2633014dfd4e0815a6237102e0f3be66e02a7287acfa0d428e1d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67d90400d1829d603aced4e20d203f6653fdb28061b1fac75776e00224c13a1b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af3f2a6d70631dc5b03d0c3bcff0909a86ff8afe8551f99134f7e6095929435
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7762c8c8c9541d25da5994f33f396e499338d8753afbc732efd07dd34d61fd
70ee840253a7cb7c07edabed96e9a7cf14e2099c8ee00fc0e1bebd6628d773fe
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
715f04a5234cb9ce8b69cc202ce11567d100f7c962280dcebfc9aebc3ed78b7a
720091510f2ad0e118fee5fde8e01bb538c7f8c0f681d43d3ec9eb72dbf53ddc
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
76f996a242105e9c09bc683f79ca9a344be26794c799276c127028acb445083d
77b71c8fcb2a0498210f38c4eca6c805ff7d7de400ae6ccd5beff7f250b5a88c
780c394c2a2511f243d7147563c59fbd2e6a08a00ba3fca56759f7ab16a4e1fe
7bb23de30daa7e81e2fafc5d2fbcada4b6fefc10c3251661952a341d6864aa8e
7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0
800ed566011846e9e5b739affdd94833f0bb0c36b058657f99fc3a61585a8d88
80e6a1c600a90557e1817df308d3c117be294c1846e41349e2219901ea38216b
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
81a21aa49d24881a8da8302aef6ed5877465508f4541f5209050a3289548a281
8256ebf4050f9291afd493a6dddac393220bd423c900ab33ef170842c4c0371c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83beb2bdff4436f039c100616058f2129e8b8abd5347447b575856c638807e59
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
85bb57a01daae26fd644b32f20338c7b07b59b9184c62b3aa99c8a8bd7e487f1
876626ded6c9d01e8764f738775f4c00a85312a5a63959ef7547cc6d1af5c506
8ab652176b7cd1a202dde9cb549ef7dc0f4077493741e24ee88ed3a8085a778a
8bc68e3cc95c7d1d23cd1dae9d9c086a74d8f24ea564421ce41e35115f8f2278
8ccc96d34716c152bc85fc7a61c3d5b116119e7796e32783fd8470cf364bda9e
8d50c6fc61cdafc3970102e5c7ebbe5dd73e594a93dda5693751121b982facf8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7617df8229ae6b8cf230e8c5381f94bc3974b6df2e76e6e31753d7ffd03b2d
8efb98d5b6710f1b4ea68608f2460312603e9ef40df965dda4ef131f6131ff4b
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
969e62eaa54e26c98a400bfbea54abfa2b626f540a1995cca6ed4c6b302979be
97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991e60adbc55433855ce64759668e08bbd8eb16c0cc809f5d21e7ab4e162e5b6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c9758144bcd45ed42a41b65ef12341715aaaeb03d994141718f1b6aef9dc8a0
9d9db0ba02426d917a997ec9eb1de668305ae4122cc73dd88c43e79ca0961661
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017
a23e6a52ffb757add1b2f9ca5c5e02adc7d6fd3618901166882f7536307459e0
a3767fe3074b34ca1d79cb9e6b862a69c047c51bb4cfad9379e553ef0f8eeb99
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
a83e75d1df5ce7fe326196e0494317e434153a1c25b6786a9ec676c6e302bd04
ad1075241aa892fe10fd2f06072fd9d2d88bc4f51e6bd32bcc8444d5997a1153
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b87e7525251fdec2074203e68604f561212ee675bcee8b3276b899bc869fe9b4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1dae9b962060f0be54145b8eb5a964ce07d5f0ef3e962dafcbc2157c3c8a10c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c6189f05898a5cf28b322192f64300908af500310a614a725ec7e9356c1af4dd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cd86a55a55b936889062659e5ef4bcd3f0144df05c8e3cceee41bb48eebdcc9a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736
d462c5f4590dfe368ec05d589ecb5646a674fe8319438384d960f88fa550c5cf
d69577de73b1b6f7ee6f71a6363e3b94dc6d51f608170374f65f29881ddb6910
d7a356494be8b4650ed08e788996c2c18f12cc04def182ec104f19cd249c3ad7
da5109bd07618648105067c223b4d26ae424d5ef45a164cdc1733def34ca2d1c
daa134f24883f8e8e029bc8dd1347469302f386d59b9ec09fa4333029bb9e978
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e15bd32ecd9207cb94bfdeda3d2388722b8eaad56adbb03cae97d04bb847474f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f45d06676750c089e4b298edf0e41ce675b323a2ba98b755b03af33e5a0e41
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee9923b738244929a3c2209848466bccd86eae3672fdef053a0272b60a9e0dfe
eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f085181d0ec92ec4d3225415024e9faddd385d5c7c8b68f1f1f3b5af9ef204f2
f18e048b4900819c423ca58a8c364bc235365adc821776269c4dd1d67268e4ea
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f237b730c5ab1623732efa457c7ee9dcf791150c2e97af5b1b374d823e20efda
f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11
f8d6060ea8e4b47ae87e9df3f019c545bdeb4dfa508ec82c748aa997015274e4
fb6ea9089178b18c66e8110965f05a461c772ce16debb14c3e61d4bae3e6c3ca
fbdc0a4eebff64ec52d2286002eda1a8caadd65069d7fa065188209abad4b8f8
fcb437012afe81a3f45af51fdb3b2f28cf09ed1c274d33fe5551d764babffac9
ffe904d4afa3bcc2777589cd235c2f06bc6f01a296cf3220eedf5ff474a4cad7

link1s.com Open in urlscan Pro 151.139.128.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

391 Requests

86 %HTTPS

24 %IPv6

106 Domains

155 Subdomains

109 IPs

15 Countries

3365 kBTransfer

8932 kBSize

131 Cookies

4 Outgoing links

Redirected requests

391 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

link1s.com Open in urlscan Pro
151.139.128.10 Public Scan

Screenshot
Live screenshot

Full Image

391
Requests

86 %
HTTPS

24 %
IPv6

106
Domains

155
Subdomains

109
IPs

15
Countries

3365 kB
Transfer

8932 kB
Size

131
Cookies

391 HTTP transactions
2 data transactions