contextual.media.net Open in urlscan Pro
2.18.235.93 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C20...
Submission: On October 21 via manual (October 21st 2021, 3:01:11 am UTC) from IN — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 17 domains to perform 23 HTTP transactions. The main IP is 2.18.235.93, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is contextual.media.net.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 12th 2021. Valid for: a year.

This is the only time contextual.media.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	63.215.202.137 63.215.202.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.195.106.43 18.195.106.43	16509 (AMAZON-02) (AMAZON-02)
1	18.157.150.79 18.157.150.79	16509 (AMAZON-02) (AMAZON-02)
1	34.199.73.116 34.199.73.116	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.198.220.83 18.198.220.83	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
23	12

12 2.18.235.93 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (Netherlands) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-usadmm.dotomi.com

medianet-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.106.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.150.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-150-79.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com

dmp.adblade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.220.83 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-220-83.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	media.net 1 redirects contextual.media.net hbx.media.net c21lg-d.media.net cs.media.net	35 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	902 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	990 B
2	openx.net 2 redirects us-u.openx.net	772 B
2	criteo.com 1 redirects gum.criteo.com dis.criteo.com	871 B
1	rlcdn.com id.rlcdn.com	66 B
1	adblade.com dmp.adblade.com	236 B
1	sharethrough.com match.sharethrough.com	38 B
1	bidswitch.net x.bidswitch.net	220 B
1	mathtag.com 1 redirects sync.mathtag.com	696 B
1	dotomi.com medianet-match.dotomi.com	104 B
1	sonobi.com sync.go.sonobi.com	474 B
1	rfihub.com 1 redirects p.rfihub.com	689 B
0	mobileadtrading.com Failed track-east.mobileadtrading.com Failed
23	17

	Domain	Requested by
6	contextual.media.net	contextual.media.net
3	cs.media.net	1 redirects contextual.media.net
2	ups.analytics.yahoo.com	1 redirects contextual.media.net
2	match.adsrvr.org	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	2 redirects
2	c21lg-d.media.net	contextual.media.net
2	eus.rubiconproject.com	contextual.media.net eus.rubiconproject.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	id.rlcdn.com	contextual.media.net
1	dmp.adblade.com	contextual.media.net
1	match.sharethrough.com	contextual.media.net
1	x.bidswitch.net	contextual.media.net
1	dis.criteo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	medianet-match.dotomi.com	contextual.media.net
1	sync.go.sonobi.com	contextual.media.net
1	p.rfihub.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	gum.criteo.com	contextual.media.net
1	hbx.media.net	contextual.media.net
0	track-east.mobileadtrading.com Failed	contextual.media.net
23	23

This site contains no links.

Subject Issuer	Validity	Valid
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
dmp.adblade.com R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: CD04732CC5FBE5C7AA68526741A48952
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 10A0B30DC0EBF23F40C47D598D285C31
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2777868679316573000V10&type=rkt&refUrl=&vid=47852671672777868679316573000V10&ovsid=5106307921584990320
Frame ID: 1533382458BE6367D179F9B608CE9EA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

23
Requests

96 %
HTTPS

0 %
IPv6

17
Domains

23
Subdomains

12
IPs

6
Countries

48 kB
Transfer

127 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 3

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2777868679316573000V10%26type%3Drkt%26refUrl%3D%26vid%3D47852671672777868679316573000V10%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=2777868679316573000V10&type=rkt&refUrl=&vid=47852671672777868679316573000V10&ovsid=5106307921584990320

Request Chain 7

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2777868679316573000V10%26type%3Dopx%26refUrl%3D%26vid%3D47852671672777868679316573000V10%26ovsid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2777868679316573000V10%26type%3Dopx%26refUrl%3D%26vid%3D47852671672777868679316573000V10%26ovsid%3D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=2777868679316573000V10&type=opx&refUrl=&vid=47852671672777868679316573000V10&ovsid=776a3e4e-1022-034c-3006-692ba96b446e

Request Chain 8

https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2777868679316573000V10%26type%3Dmma%26refUrl%3D%26vid%3D47852671672777868679316573000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=2777868679316573000V10&type=mma&refUrl=&vid=47852671672777868679316573000V10&ovsid=a1f86170-d7f3-4500-87a1-a8724258a7d4

Request Chain 9

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjc3Nzg2ODY3OTMxNjU3MzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjc3Nzg2ODY3OTMxNjU3MzAwMFYxMA%3D%3D&google_sc=1&google_tc= HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENkphSIPpnZth3c3RQRcjo0&google_cver=1

Request Chain 10

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=142383ad-cc70-41a2-99e5-41907d7128ee

Request Chain 15

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2777868679316573000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2777868679316573000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=a7b10a09-ec34-4dde-af2c-4bd9f2468b46&cs=1

Request Chain 17

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5075e2d2-361b-4aea-bfd0-a59698fc4eb0

Request Chain 18

https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=0000EEA HTTP 302
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=0000EEA&verify=true

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request checksync.php Show response
contextual.media.net/ 37 KB
13 KB 62ms
39ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0043689ae0689229420d51e3264c431381031137cbb5611db02e872b82675e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 24 Apr 2022 03:01:07 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2777868679316573000V10; Expires=Fri, 21 Oct 2022 03:01:07 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 23 Oct 2021 03:01:07 GMT
date: Thu, 21 Oct 2021 03:01:07 GMT
content-length: 12455

GET
H2 200 pubcid.php Show response
hbx.media.net/ 57 KB
18 KB 20ms
12ms Script
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Thu, 21 Oct 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1800
content-length: 18543
x-mnet-hl2: E
expires: Thu, 21 Oct 2021 03:31:07 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 60 B
371 B 55ms
14ms Script
text/javascript 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 21 Oct 2021 03:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1425
content-length: 174
expires: 60

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 10A0
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

281 B
554 B

29ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=medianet
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://contextual.media.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Oct 2021 03:01:07 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=medianet
Date: Thu, 21 Oct 2021 03:01:07 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame 1533
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2777868679316573000V10%26type%3Drkt%26refUrl%3D%26vid%3D478526716727778686793165730...
https://contextual.media.net/cksync.html?cs=8&vsid=2777868679316573000V10&type=rkt&refUrl=&vid=47852671672777868679316573000V10&ovsid=5106307921584990320

220 B
731 B

45ms
45ms

Document
text/html

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=2777868679316573000V10&type=rkt&refUrl=&vid=47852671672777868679316573000V10&ovsid=5106307921584990320

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

421192a006149c26292f6690c2cb34bf0425ab74ae9ae0a47f8d3cd7a8c7c765

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /cksync.html?cs=8&vsid=2777868679316573000V10&type=rkt&refUrl=&vid=47852671672777868679316573000V10&ovsid=5106307921584990320
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://contextual.media.net/
accept-encoding: gzip, deflate, br
cookie: gdpr_status=1; visitor-id=2777868679316573000V10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/

Response headers

server: Apache
content-length: 220
content-type: text/html;charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 24 Apr 2022 03:01:07 GMT; domain=.media.net; Path=/; sameSite=none; secure=true data-rk=5106307921584990320~~8;Expires=Thu, 20 Oct 2022 03:01:07 GMT;path=/;domain=.media.net; sameSite=none; secure=true
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E
expires: Thu, 21 Oct 2021 03:01:07 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 21 Oct 2021 03:01:07 GMT

Redirect headers

Date: Thu, 21 Oct 2021 03:01:07 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNjU0MDM2MLc0MjS1MLG0NDA2MhDiM9T1NjC2SPPyLUrz8AmQ4jU0MzYxtzA1MjM3NrcAAM31zOg0AAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 15 Nov 2022 03:01:07 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjU0MDM2MLc0MjS1MLG0NDA2MhDiM9T1NjC2SPPyLUrz8AkAAC23QzwlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://contextual.media.net/cksync.html?cs=8&vsid=2777868679316573000V10&type=rkt&refUrl=&vid=47852671672777868679316573000V10&ovsid=5106307921584990320
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2 200 log
c21lg-d.media.net/ 35 B
194 B 171ms
148ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=2777868679316573000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 03:01:07 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 21 Oct 2021 03:01:07 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ 0
474 B 56ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2777868679316573000V10&type=son&refUrl=&vid=47852671672777868679316573000V10&ovsid=[UID]

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Oct 2021 03:01:07 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 current
medianet-match.dotomi.com/match/bounce/ 0
104 B 105ms
68ms Image
text/plain 63.215.202.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2777868679316573000V10%26type%3Dcon%26refUrl%3D%26vid%3D47852671672777868679316573000V10%26ovsid%3D%24UID
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-usadmm.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 03:01:07 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

cksync.html
contextual.media.net/
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2777868679316573...
https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D27778686793...
https://contextual.media.net/cksync.html?cs=8&vsid=2777868679316573000V10&type=opx&refUrl=&vid=47852671672777868679316573000V10&ovsid=776a3e4e-1022-034c-3006-692ba96b446e

220 B
220 B

28ms
27ms

Image
text/html

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=2777868679316573000V10&type=opx&refUrl=&vid=47852671672777868679316573000V10&ovsid=776a3e4e-1022-034c-3006-692ba96b446e

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:path: /cksync.html?cs=8&vsid=2777868679316573000V10&type=opx&refUrl=&vid=47852671672777868679316573000V10&ovsid=776a3e4e-1022-034c-3006-692ba96b446e
pragma: no-cache
cookie: gdpr_status=1; visitor-id=2777868679316573000V10; data-c-ts=1634785267; data-c=142383ad-cc70-41a2-99e5-41907d7128ee~~1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: contextual.media.net
referer: https://contextual.media.net/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 21 Oct 2021 03:01:07 GMT
vary: Accept-Encoding
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
set-cookie: gdpr_status=1; Expires=Sun, 24 Apr 2022 03:01:07 GMT; domain=.media.net; Path=/; sameSite=none; secure=true data-o=776a3e4e-1022-034c-3006-692ba96b446e~~8;Expires=Thu, 20 Oct 2022 03:01:07 GMT;path=/;domain=.media.net; sameSite=none; secure=true
content-type: text/html;charset=UTF-8
content-length: 220
x-mnet-hl2: E
expires: Thu, 21 Oct 2021 03:01:07 GMT

Redirect headers

date: Thu, 21 Oct 2021 03:01:07 GMT
content-encoding: gzip
server: OXGW/16.217.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://contextual.media.net/cksync.html?cs=8&vsid=2777868679316573000V10&type=opx&refUrl=&vid=47852671672777868679316573000V10&ovsid=776a3e4e-1022-034c-3006-692ba96b446e
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2777868679316573000V10%26type%3Dmma%26refUrl%3D%26vid%3D478526716727778686793165...
https://contextual.media.net/cksync.php?cs=8&vsid=2777868679316573000V10&type=mma&refUrl=&vid=47852671672777868679316573000V10&ovsid=a1f86170-d7f3-4500-87a1-a8724258a7d4

46 B
545 B

41ms
41ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=2777868679316573000V10&type=mma&refUrl=&vid=47852671672777868679316573000V10&ovsid=a1f86170-d7f3-4500-87a1-a8724258a7d4

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:path: /cksync.php?cs=8&vsid=2777868679316573000V10&type=mma&refUrl=&vid=47852671672777868679316573000V10&ovsid=a1f86170-d7f3-4500-87a1-a8724258a7d4
pragma: no-cache
cookie: gdpr_status=1; visitor-id=2777868679316573000V10
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: contextual.media.net
referer: https://contextual.media.net/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 21 Oct 2021 03:01:07 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
set-cookie: gdpr_status=1; Expires=Sun, 24 Apr 2022 03:01:07 GMT; domain=.media.net; Path=/; sameSite=none; secure=true data-mm=a1f86170-d7f3-4500-87a1-a8724258a7d4~~8;Expires=Thu, 20 Oct 2022 03:01:07 GMT;path=/;domain=.media.net; sameSite=none; secure=true
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Thu, 21 Oct 2021 03:01:07 GMT

Redirect headers

Date: Thu, 21 Oct 2021 03:01:07 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://contextual.media.net/cksync.php?cs=8&vsid=2777868679316573000V10&type=mma&refUrl=&vid=47852671672777868679316573000V10&ovsid=a1f86170-d7f3-4500-87a1-a8724258a7d4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 21 Oct 2021 03:01:06 GMT

GET
H2

200

cksync
cs.media.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjc3Nzg2ODY3OTMxNjU3MzAwMFYxMA%3D%3D&google_sc=1
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjc3Nzg2ODY3OTMxNjU3MzAwMFYxMA%3D%3D&google_sc=1&google_tc=
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENkphSIPpnZth3c3RQRcjo0&google_cver=1

46 B
527 B

45ms
37ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENkphSIPpnZth3c3RQRcjo0&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 03:01:07 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Thu, 21 Oct 2021 03:01:07 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Oct 2021 03:01:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENkphSIPpnZth3c3RQRcjo0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=142383ad-cc70-41a2-99e5-41907d7128ee

46 B
695 B

40ms
39ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=142383ad-cc70-41a2-99e5-41907d7128ee

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:path: /cksync.php?cs=1&type=crt&ovsid=142383ad-cc70-41a2-99e5-41907d7128ee
pragma: no-cache
cookie: gdpr_status=1; visitor-id=2777868679316573000V10
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: contextual.media.net
referer: https://contextual.media.net/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 21 Oct 2021 03:01:07 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
set-cookie: gdpr_status=1; Expires=Sun, 24 Apr 2022 03:01:07 GMT; domain=.media.net; Path=/; sameSite=none; secure=true data-c-ts=1634785267;Expires=Sat, 20 Nov 2021 03:01:07 GMT;path=/;domain=.media.net; sameSite=none; secure=true data-c=142383ad-cc70-41a2-99e5-41907d7128ee~~1;Expires=Sat, 20 Nov 2021 03:01:07 GMT;path=/;domain=.media.net; sameSite=none; secure=true
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Thu, 21 Oct 2021 03:01:07 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Oct 2021 03:01:07 GMT
server: Kestrel
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=142383ad-cc70-41a2-99e5-41907d7128ee
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 868802
content-length: 0
expires: Thu, 21 Oct 2021 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ 43 B
220 B 37ms
7ms Image
image/gif 18.195.106.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.106.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 03:01:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 404 v1
match.sharethrough.com/media.net/ 0
38 B 45ms
7ms Image
text/plain 18.157.150.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/media.net/v1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.150.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-150-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:01:07 GMT
content-length: 0

GET usersync
track-east.mobileadtrading.com/ 0
0

GET
H/1.1 200
OK /
dmp.adblade.com/srv/sync/gateway/ 43 B
236 B 302ms
97ms Image
image/gif 34.199.73.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-73-116.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 03:01:07 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2777868679316573000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2777868679316573000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=a7b10a09-ec34-4dde-af2c-4bd9f2468b46&cs=1

46 B
544 B

29ms
29ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=a7b10a09-ec34-4dde-af2c-4bd9f2468b46&cs=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:path: /cksync.php?type=mf&ovsid=a7b10a09-ec34-4dde-af2c-4bd9f2468b46&cs=1
pragma: no-cache
cookie: gdpr_status=1; visitor-id=2777868679316573000V10; data-c-ts=1634785267; data-c=142383ad-cc70-41a2-99e5-41907d7128ee~~1; data-rk=5106307921584990320~~8; data-mm=a1f86170-d7f3-4500-87a1-a8724258a7d4~~8; data-g=CAESENkphSIPpnZth3c3RQRcjo0~~8; data-o=776a3e4e-1022-034c-3006-692ba96b446e~~8
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: contextual.media.net
referer: https://contextual.media.net/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 21 Oct 2021 03:01:07 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
set-cookie: gdpr_status=1; Expires=Sun, 24 Apr 2022 03:01:07 GMT; domain=.media.net; Path=/; sameSite=none; secure=true data-mf=a7b10a09-ec34-4dde-af2c-4bd9f2468b46~~1;Expires=Fri, 21 Oct 2022 03:01:07 GMT;path=/;domain=.media.net; sameSite=none; secure=true
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Thu, 21 Oct 2021 03:01:07 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=a7b10a09-ec34-4dde-af2c-4bd9f2468b46&cs=1
Date: Thu, 21 Oct 2021 03:01:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 451 710489.gif
id.rlcdn.com/ 0
66 B 68ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/710489.gif
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:01:07 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

cksync
cs.media.net/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5075e2d2-361b-4aea-bfd0-a59698fc4eb0

46 B
532 B

26ms
26ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5075e2d2-361b-4aea-bfd0-a59698fc4eb0
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 03:01:07 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Thu, 21 Oct 2021 03:01:07 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Oct 2021 03:01:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5075e2d2-361b-4aea-bfd0-a59698fc4eb0
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/58222/
Redirect Chain

https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=0000EEA
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=0000EEA&verify=true

0
735 B

11ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=0000EEA&verify=true

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 03:01:07 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Thu, 21 Oct 2021 03:01:07 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=0000EEA&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2 200 log
c21lg-d.media.net/ 35 B
194 B 153ms
152ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=c54f9010-f591-485d-b0d9-2a50a598999c&cs=15&vsid=2777868679316573000V10
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ7QFB4&prvid=2033%2C2030%2C273%2C233%2C157%2C2027%2C236%2C2026%2C159%2C238%2C117%2C97%2C99%2C55%2C56%2C59%2C3012%2C122%2C3007%2C201%2C4%2C246%2C203%2C126%2C9%2C171%2C251%2C175%2C132%2C178%2C3018%2C257%2C3016%2C214%2C3015%2C70%2C77%2C38%2C261%2C184%2C188%2C222%2C225%2C148%2C226%2C80%2C10000%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 03:01:07 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 21 Oct 2021 03:01:07 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 10A0 31 KB
9 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 03:01:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35639
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9275
Expires: Thu, 21 Oct 2021 12:55:06 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 10A0 284 B
536 B 410ms
94ms Image
image/jpg 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: bd0f62a3fbacfef6a33ae6abaf6daf37
Content-Type: image/jpg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track-east.mobileadtrading.com
URL: https://track-east.mobileadtrading.com/usersync?ru=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2777868679316573000V10%26type%3Dsom%26refUrl%3D%26vid%3D47852671672777868679316573000V10%26ovsid%3D%24%7BUID%7D

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.media.net/	1970-01-20 02:32:49	Name: gdpr_status Value: 1
.rfihub.com/	1970-01-20 07:28:01	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MDM2MLc0MjS1MLG0NDA2MhDiM9T1NjC2SPPyLUrz8AmQ4jU0MzYxtzA1MjM3NrcAAM31zOg0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MDM2MLc0MjS1MLG0NDA2MhDiM9T1NjC2SPPyLUrz8AkAAC23QzwlAAAA
.criteo.com/	1970-01-20 07:28:01	Name: uid Value: 142383ad-cc70-41a2-99e5-41907d7128ee
.openx.net/	1970-01-20 06:52:01	Name: i Value: 6cea6888-12a5-065b-099f-dfad7fa3e54f\|1634785267
.doubleclick.net/	1970-01-20 15:37:37	Name: IDE Value: AHWqTUmCAgUGKNUH7_zwJmhNY2d7QDiiYHMcDSaCVE1fri1z6KAU_0_RZzo7cRgV9hI
.mathtag.com/	1970-01-20 07:32:20	Name: uuid Value: a1f86170-d7f3-4500-87a1-a8724258a7d4
.media.net/	1970-01-19 22:49:37	Name: data-c-ts Value: 1634785267
.media.net/	1970-01-19 22:49:37	Name: data-c Value: 142383ad-cc70-41a2-99e5-41907d7128ee~~1
.media.net/	1970-01-20 06:50:34	Name: data-rk Value: 5106307921584990320~~8
.media.net/	1970-01-20 06:50:34	Name: data-mm Value: a1f86170-d7f3-4500-87a1-a8724258a7d4~~8
.media.net/	1970-01-19 22:26:34	Name: data-g Value: CAESENkphSIPpnZth3c3RQRcjo0~~8
.mfadsrvr.com/	1970-01-20 15:37:37	Name: tuuid Value: a7b10a09-ec34-4dde-af2c-4bd9f2468b46
.mfadsrvr.com/	1970-01-20 15:37:37	Name: c Value: 1634785267
.mfadsrvr.com/	1970-01-20 15:37:37	Name: tuuid_lu Value: 1634785267
.media.net/	1970-01-20 06:50:34	Name: data-o Value: 776a3e4e-1022-034c-3006-692ba96b446e~~8
.mfadsrvr.com/	1970-01-20 15:37:37	Name: ssh Value: !medianet,1634785267
.media.net/	1970-01-20 06:52:01	Name: data-mf Value: a7b10a09-ec34-4dde-af2c-4bd9f2468b46~~1
.adsrvr.org/	1970-01-20 06:52:01	Name: TDID Value: 5075e2d2-361b-4aea-bfd0-a59698fc4eb0
.media.net/	1970-01-19 22:06:25	Name: x-country-code Value: country:
.media.net/	1970-01-19 22:06:25	Name: x-client-ip Value: ip:216.131.114.109
.media.net/	1970-01-20 06:52:01	Name: visitor-id Value: 0000EEA
.adsrvr.org/	1970-01-20 06:52:01	Name: TDCPM Value: CAEYBSABKAIyCwiktOaluJKKOhAFOAE.
.yahoo.com/	1970-01-20 06:52:22	Name: A3 Value: d=AQABBPPXcGECEHn7QH43WSjhT81lAHI-GfMFEgEBAQEpcmF6YQAAAAAA_eMAAA&S=AQAAAjRXGUvQpFsuMYUnanuUg2c
.analytics.yahoo.com/	1970-01-20 06:53:27	Name: IDSYNC Value: 18xa~212r
.media.net/	1970-01-19 22:26:34	Name: data-ttd Value: 5075e2d2-361b-4aea-bfd0-a59698fc4eb0~~1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://match.sharethrough.com/media.net/v1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/710489.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://track-east.mobileadtrading.com/usersync?ru=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2777868679316573000V10%26type%3Dsom%26refUrl%3D%26vid%3D47852671672777868679316573000V10%26ovsid%3D%24%7BUID%7D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c21lg-d.media.net
cm.g.doubleclick.net
contextual.media.net
cs.media.net
dis.criteo.com
dmp.adblade.com
eus.rubiconproject.com
gum.criteo.com
hbx.media.net
id.rlcdn.com
match.adsrvr.org
match.sharethrough.com
medianet-match.dotomi.com
p.rfihub.com
rtb.mfadsrvr.com
secure-assets.rubiconproject.com
sync.go.sonobi.com
sync.mathtag.com
token.rubiconproject.com
track-east.mobileadtrading.com
ups.analytics.yahoo.com
us-u.openx.net
x.bidswitch.net
track-east.mobileadtrading.com
104.109.78.125
142.250.184.194
178.162.133.149
178.250.0.163
178.250.2.146
18.156.0.31
18.157.150.79
18.195.106.43
18.198.220.83
185.29.132.241
193.0.160.129
2.18.235.93
2.19.35.65
34.199.73.116
35.244.159.8
35.244.174.68
63.215.202.137
76.223.111.131
8.43.72.98
0043689ae0689229420d51e3264c431381031137cbb5611db02e872b82675e3f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
421192a006149c26292f6690c2cb34bf0425ab74ae9ae0a47f8d3cd7a8c7c765
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

contextual.media.net Open in urlscan Pro 2.18.235.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

0 %IPv6

17 Domains

23 Subdomains

12 IPs

6 Countries

48 kBTransfer

127 kBSize

26 Cookies

0 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

26 Cookies

3 Console Messages

Security Headers

Indicators

contextual.media.net Open in urlscan Pro
2.18.235.93 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

0 %
IPv6

17
Domains

23
Subdomains

12
IPs

6
Countries

48 kB
Transfer

127 kB
Size

26
Cookies

23 HTTP transactions
0 data transactions