52.178.69.189 Open in urlscan Pro
52.178.69.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://52.178.69.189/
Effective URL:
https://52.178.69.189/webappv2/
Submission: On December 12 via manual (December 12th 2021, 10:47:21 am UTC) from ES — Scanned from DE

Summary HTTP 163 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 59 IPs in 10 countries across 68 domains to perform 163 HTTP transactions. The main IP is 52.178.69.189, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 52.178.69.189.
TLS certificate: Issued by cdrsbg-CA on March 15th 2017. Valid for: 20 years.

This is the only time 52.178.69.189 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 59	52.178.69.189 52.178.69.189	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	54.216.80.98 54.216.80.98	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	65.9.68.17 65.9.68.17	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
8	13.69.106.212 13.69.106.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
3	2600:9000:205... 2600:9000:2057:4400:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.96.67.224 34.96.67.224	15169 (GOOGLE) (GOOGLE)
1	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:9a00:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	23.45.106.90 23.45.106.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.228.88.71 3.228.88.71	14618 (AMAZON-AES) (AMAZON-AES)
2 16	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
1	18.215.30.37 18.215.30.37	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.246.208.198 54.246.208.198	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.157.138.20 35.157.138.20	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.144 185.86.138.144	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.197.73.85 18.197.73.85	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.196.241.128 18.196.241.128	16509 (AMAZON-02) (AMAZON-02)
2 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 3	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	52.17.84.146 52.17.84.146	16509 (AMAZON-02) (AMAZON-02)
2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	54.77.170.127 54.77.170.127	16509 (AMAZON-02) (AMAZON-02)
1	52.218.60.75 52.218.60.75	16509 (AMAZON-02) (AMAZON-02)
1	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
5 5	139.162.159.252 139.162.159.252	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	51.77.65.176 51.77.65.176	16276 (OVH) (OVH)
1 1	145.239.1.219 145.239.1.219	16276 (OVH) (OVH)
3 3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	85.90.245.27 85.90.245.27	63949 (LINODE-AP...) (LINODE-AP Linode)
1	52.215.164.121 52.215.164.121	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.68.72 65.9.68.72	16509 (AMAZON-02) (AMAZON-02)
2 2	34.192.120.237 34.192.120.237	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.72.239.169 54.72.239.169	16509 (AMAZON-02) (AMAZON-02)
1 1	3.120.52.200 3.120.52.200	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.171.80 18.185.171.80	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
1 2	141.95.34.104 141.95.34.104	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:211... 2600:9000:211e:5000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
163	59

59 52.178.69.189 (Amsterdam, Netherlands) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

52.178.69.189	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.80.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-80-98.eu-west-1.compute.amazonaws.com

wurfl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States) 2 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-17.fra56.r.cloudfront.net

sdk.bluerbn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.69.106.212 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:4400:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.siftscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:9a00:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.106.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-106-90.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.88.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-88-71.compute-1.amazonaws.com

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.4.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.30.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-30-37.compute-1.amazonaws.com

px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.208.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-208-198.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.138.20 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-138-20.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.73.85 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-73-85.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.241.128 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-241-128.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Aalborg, Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.214.165 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.84.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.170.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-170-127.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.60.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.162.159.252 (Frankfurt am Main, Germany) 5 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1426-252.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.65.176 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: tags12.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.1.219 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: adn20.smartstream.tv

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.90.245.27 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1428-27.members.linode.com

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.164.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-164-121.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-72.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.120.237 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-120-237.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.239.169 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-239-169.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.52.200 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-200.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.171.80 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-171-80.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (Broomfield, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.34.104 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: p33.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.149.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:5000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	adform.net 4 redirects a2.adform.net s2.adform.net c1.adform.net dmp.adform.net	41 KB
9	doubleclick.net 5 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	5 KB
8	visualstudio.com dc.services.visualstudio.com	817 B
6	adsafety.net 6 redirects cm.adsafety.net tags.adsafety.net	10 KB
6	dynamicyield.com cdn.dynamicyield.com st.dynamicyield.com async-px.dynamicyield.com px.dynamicyield.com	175 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	semasio.net 3 redirects uipglob.semasio.net	3 KB
4	googleapis.com maps.googleapis.com	170 KB
4	google-analytics.com www.google-analytics.com	40 KB
3	adnxs.com 2 redirects secure.adnxs.com	3 KB
3	exelator.com 2 redirects loadm.exelator.com load77.exelator.com	2 KB
3	eyeota.net 1 redirects ps.eyeota.net	2 KB
3	google.com www.google.com Failed adservice.google.com	1 KB
3	googletagmanager.com www.googletagmanager.com	124 KB
2	3lift.com 1 redirects eb2.3lift.com	715 B
2	tapad.com 2 redirects pixel.tapad.com	906 B
2	1dmp.io 1 redirects sync.1dmp.io	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	519 B
2	id5-sync.com 1 redirects id5-sync.com	2 KB
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	audrte.com 2 redirects a.audrte.com	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com	913 B
2	smartstream.tv 1 redirects ads.smartstream.tv cm.smartstream.tv	849 B
2	bluekai.com tags.bluekai.com	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net	1014 B
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	1rx.io 2 redirects sync.1rx.io	743 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	adscale.de 2 redirects ih.adscale.de	692 B
2	360yield.com 1 redirects ad.360yield.com	826 B
2	paypal.com www.paypal.com t.paypal.com	6 KB
2	facebook.net connect.facebook.net	114 KB
2	google.de www.google.de Failed	656 B
2	msecnd.net az416426.vo.msecnd.net	44 KB
2	ads-twitter.com static.ads-twitter.com	11 KB
2	twitter.com 2 redirects platform.twitter.com analytics.twitter.com Failed	670 B
2	wurfl.io wurfl.io	2 KB
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net s.ad.smaato.net	239 B
1	teads.tv sync.teads.tv	172 B
1	ib-ibi.com global.ib-ibi.com	72 B
1	agkn.com 1 redirects aa.agkn.com	344 B
1	userreport.com pdw-adf.userreport.com	444 B
1	pubmatic.com simage2.pubmatic.com	542 B
1	krxd.net beacon.krxd.net	338 B
1	onaudience.com pixel.onaudience.com	248 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net	406 B
1	openx.net eu-u.openx.net	275 B
1	rlcdn.com idsync.rlcdn.com
1	unrulymedia.com sync.targeting.unrulymedia.com	395 B
1	stickyadstv.com ads.stickyadstv.com	713 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	yieldlab.net ad.yieldlab.net	522 B
1	seadform.net a1.seadform.net	343 B
1	googleadservices.com www.googleadservices.com	14 KB
1	siftscience.com cdn.siftscience.com	20 KB
1	paypalobjects.com www.paypalobjects.com	235 KB
1	bluerbn.com sdk.bluerbn.com	292 KB
1	t.co t.co	470 B
0	codere.mx Failed m.codere.mx Failed
0	Failed function sub() { [native code] }. Failed
0	azurewebsites.net Failed coderesbgonlinegeoip.azurewebsites.net Failed
163	68

	Domain	Requested by
12	c1.adform.net	2 redirects a2.adform.net c1.adform.net
8	dc.services.visualstudio.com	az416426.vo.msecnd.net 52.178.69.189
5	cm.adsafety.net	5 redirects
4	dmp.adform.net	c1.adform.net
4	match.adsrvr.org	4 redirects
4	uipglob.semasio.net	3 redirects c1.adform.net
4	maps.googleapis.com	52.178.69.189 maps.googleapis.com
4	www.google-analytics.com	52.178.69.189 www.google-analytics.com
3	secure.adnxs.com	2 redirects c1.adform.net
3	cm.g.doubleclick.net	3 redirects
3	ps.eyeota.net	1 redirects c1.adform.net
3	cdn.dynamicyield.com	52.178.69.189 st.dynamicyield.com
3	a2.adform.net	2 redirects 52.178.69.189
3	www.googletagmanager.com	52.178.69.189 www.googletagmanager.com
2	ad.doubleclick.net	2 redirects
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	id5-sync.com	1 redirects c1.adform.net
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	sync.1rx.io	2 redirects
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	connect.facebook.net	52.178.69.189 connect.facebook.net
2	www.google.de	52.178.69.189
2	www.google.com	52.178.69.189
2	stats.g.doubleclick.net	www.google-analytics.com
2	az416426.vo.msecnd.net	52.178.69.189
2	static.ads-twitter.com	52.178.69.189
2	platform.twitter.com	2 redirects
2	wurfl.io	52.178.69.189
1	adservice.google.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.smartstream.tv	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	pixel.onaudience.com	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	sync.targeting.unrulymedia.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	px.dynamicyield.com	52.178.69.189
1	a1.seadform.net	52.178.69.189
1	async-px.dynamicyield.com	52.178.69.189
1	t.paypal.com	52.178.69.189
1	st.dynamicyield.com	52.178.69.189
1	www.googleadservices.com	www.googletagmanager.com
1	www.paypal.com	www.paypalobjects.com
1	cdn.siftscience.com	52.178.69.189
1	s2.adform.net	52.178.69.189
1	www.paypalobjects.com	52.178.69.189
1	sdk.bluerbn.com	52.178.69.189
1	t.co	52.178.69.189
0	m.codere.mx Failed	52.178.69.189
0	52.178.69.189 Failed	52.178.69.189
0	coderesbgonlinegeoip.azurewebsites.net Failed	52.178.69.189
0	analytics.twitter.com Failed	platform.twitter.com
163	83

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
www.instagram.com
twitter.com
www.facebook.com
www.codere.mx

Subject Issuer	Validity	Valid
cdrsbg-CA cdrsbg-CA	`2017-03-15` - `2037-03-15`	20 years	crt.sh
wurfl.io Amazon	`2021-07-10` - `2022-08-08`	a year	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.prod.bluerbn.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-11-03` - `2022-10-31`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-07-22` - `2022-07-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.dynamicyield.com Amazon	`2021-09-29` - `2022-10-28`	a year	crt.sh
*.siftscience.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-19`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-09-17` - `2022-10-18`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://52.178.69.189/webappv2/
Frame ID: D3602539149AB038970D8222432F3C64
Requests: 114 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Frame ID: D7D69E4B5539D8758670FF3A45571F2F
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Codere Apuestas

Page URL History Show full URLs

https://52.178.69.189/ HTTP 301
https://52.178.69.189/csbgonline HTTP 302
https://52.178.69.189/csbgonline/home/index Page URL
https://52.178.69.189/webappv2/ Page URL

Page Statistics

163
Requests

41 %
HTTPS

19 %
IPv6

68
Domains

83
Subdomains

59
IPs

10
Countries

14891 kB
Transfer

18493 kB
Size

119
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/mx/app/codere-appuestas-mx/id1185542560?mt=8

Search URL Search Domain Scan URL

URL: https://www.instagram.com/coderemx/

Search URL Search Domain Scan URL

URL: https://twitter.com/@CodereMX

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CodereMX

Search URL Search Domain Scan URL

URL: https://www.codere.mx/Documents/AMH-Pol%C3%ADticas%20de%20Apuesta.pdf
Title: Políticas

Search URL Search Domain Scan URL

URL: https://www.codere.mx/gaming/casino
Title: Casino

Search URL Search Domain Scan URL

URL: https://www.codere.mx/gaming/slots
Title: Juegos

Search URL Search Domain Scan URL

URL: https://www.codere.mx/gaming/ruleta
Title: Ruleta

Search URL Search Domain Scan URL

URL: https://www.codere.mx/apuestas-deportivas
Title: Apuestas Deportivas

Search URL Search Domain Scan URL

URL: https://www.codere.mx/apuestas-futbol
Title: Apuestas Fútbol

Search URL Search Domain Scan URL

URL: https://www.codere.mx/informaci%C3%B3n-legal/aviso-de-privacidad
Title: POLÍTICA DE COOKIES

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://52.178.69.189/ HTTP 301
https://52.178.69.189/csbgonline HTTP 302
https://52.178.69.189/csbgonline/home/index Page URL
https://52.178.69.189/webappv2/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://52.178.69.189/ HTTP 301
https://52.178.69.189/csbgonline HTTP 302
https://52.178.69.189/csbgonline/home/index

Request Chain 3

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 37

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 39

https://a2.adform.net/serving/scripts/trackpoint/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-sync.js

Request Chain 57

https://a2.adform.net/Serving/TrackPoint/?pm=1521584&ADFPageName=Master%20Tag&ADFdivider=%7C&ord=511802527621&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&ADFtpmode=3&loc=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1521584&ADFPageName=Master%20Tag&ADFdivider=%7C&ord=511802527621&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&ADFtpmode=3&loc=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F

Request Chain 63

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6252154911019776553&Expiration=1640515632 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6252154911019776553&Expiration=1640515632

Request Chain 66

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6252154911019776553&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6252154911019776553&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=d3c8352a9e7c441aadf3b2368aef320f HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=7b605c4ce353d900f840d77eac1eabbcea38086a04c6a3947718f04861c7972c

Request Chain 68

https://pixel.advertising.com/ups/55944/sync?uid=6252154911019776553&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=6252154911019776553&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6252154911019776553&_origin=1&apid=UPdd3fba9c-5b38-11ec-b2c5-024703e8ab5a HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6252154911019776553&_origin=1&apid=UPdd3fba9c-5b38-11ec-b2c5-024703e8ab5a&verify=true

Request Chain 70

https://x.bidswitch.net/sync?dsp_id=70&user_id=6252154911019776553 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6252154911019776553 HTTP 302
https://sync.1rx.io/usersync/bidswitch/90695bd4-e477-42d7-8ac8-d3b57ffc8602?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/90695bd4-e477-42d7-8ac8-d3b57ffc8602?zcc=1&dspret=0&cb=1639306037801 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-020a1a48-6c92-4d72-b86e-89db9150294d-003

Request Chain 71

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6252154911019776553&expiration=1640515632 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6252154911019776553&expiration=1640515632&C=1

Request Chain 72

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6252154911019776553&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6252154911019776553&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=7e3961b5-d335-4700-8ff9-9e7e41db9b1a&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=e64d32db-8133-4800-9480-11e69dcc1b02

Request Chain 73

https://ps.eyeota.net/match?uid=6252154911019776553&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=6252154911019776553&bid=9gdtmu1

Request Chain 74

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6252154911019776553 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6252154911019776553&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 76

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6252154911019776553 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6252154911019776553

Request Chain 79

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 81

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6252154911019776553 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12021121210b0cbbcdc98f37f22af6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=433833a3adb1b102882a2723a937bea3 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12021121210b0cbbcdc98f37f22af6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=433833a3adb1b102882a2723a937bea3&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEyMTIxMGIwY2JiY2RjOThmMzdmMjJhZjY HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEDZEAgJhiw3VSENUFrgs6hw&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12021121210b0cbbcdc98f37f22af6 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6252154911019776553 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7040765817077823638

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjI1MjE1NDkxMTAxOTc3NjU1Mw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDpEzK-il1TJYhIsDVhE5rU&google_cver=1&google_ula=1641347,0

Request Chain 85

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=1214088626216128084&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=6252154911019776553

Request Chain 88

https://a.audrte.com/a?adform_uid=6252154911019776553 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEPXk8D6V2l3Ft8663RQHCCs&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=8glAOku7-qGSwutJ0V9mb4vYg&gdpr=0&gdpr_consent=

Request Chain 89

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6252154911019776553&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6252154911019776553&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=86725286188342488023858330356715416342&noredirect=1

Request Chain 90

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6252154911019776553 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164990203998000151813

Request Chain 91

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7040765817077823638

Request Chain 93

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=e16861b5-d335-4400-98c9-654900b95c6f

Request Chain 94

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=J4seeRV71MWmnX5

Request Chain 95

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e64d32db-8133-4800-9480-11e69dcc1b02

Request Chain 97

https://id5-sync.com/s/10/0.gif?puid=6252154911019776553 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=6252154911019776553&gdpr=1&gdpr_consent=

Request Chain 98

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1986608057 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=2kd6C.EmLrsizoYdz1MTD.

Request Chain 100

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6252154911019776553 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6252154911019776553&cs=1

Request Chain 102

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=6252154911019776553&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=6252154911019776553&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=b6f47f91-d66f-4d80-93b0-9dcda0232e4b

Request Chain 104

https://eb2.3lift.com/xuid?mid=7354&xuid=6252154911019776553&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6252154911019776553&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

Request Chain 149

https://ad.doubleclick.net/ddm/activity/src=8040082;type=upper0;cat=home-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8040082;dc_pre=CP2o-_GK3vQCFZBaGQodWPwNFQ;type=upper0;cat=home-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8040082;dc_pre=CP2o-_GK3vQCFZBaGQodWPwNFQ;type=upper0;cat=home-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

163 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

index Show response
52.178.69.189/csbgonline/home/
Redirect Chain

https://52.178.69.189/
https://52.178.69.189/csbgonline
https://52.178.69.189/csbgonline/home/index

6 KB
3 KB

78ms
77ms

Document
text/html

52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/csbgonline/home/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dd75dd48d58096c3b29f90fda6f9847adf540b1ea726a283613255f61f6a2fe2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 12 Dec 2021 10:47:10 GMT
Content-Length: 2273

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Location: /csbgonline/home/index
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 12 Dec 2021 10:47:10 GMT
Content-Length: 127

GET
H/1.1 200
OK wurfl.js Show response
wurfl.io/ 623 B
967 B 128ms
30ms Script
application/javascript 54.216.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wurfl.io/wurfl.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/csbgonline/home/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: df470d9027c8e97a09e311ddc1dfc2f9d97c5477807c4804028ce92171eace31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Content-Encoding: br
Accept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
Vary: accept-encoding, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 333

GET
H/1.1 200
OK libIndex.js Show response
52.178.69.189/csbgonline/AppWeb/js/ 5 KB
6 KB 18ms
17ms Script
application/javascript 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/csbgonline/AppWeb/js/libIndex.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/csbgonline/home/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a6892f0cee0da7485b556d1c9800783ce273450abc97bdeda2d9e58820280457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/csbgonline/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:10 GMT
Last-Modified: Wed, 22 Jan 2020 13:33:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "179fe77928d1d51:0"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 5587

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

14 KB
6 KB

38ms
7ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/csbgonline/home/index
Protocol: H2
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:11 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200170-IAD, cache-fra19164-FRA

Redirect headers

x-tw-cdn: VZ
Date: Sun, 12 Dec 2021 10:47:11 GMT
Server: ECS (mil/6CFA)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 176ms
40ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/csbgonline/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C34) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Dec 2021 10:47:11 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1750
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (mil/6C34)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9eb4cc22-001e-00a1-4d41-ef3308000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Sun, 12 Dec 2021 11:17:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
46 KB 58ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WK7WJK

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/csbgonline/home/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9412347b2988903520c9a54acfb7896a43b0a24f4cefafa74448f49696b9bf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47060
x-xss-protection: 0
last-modified: Sun, 12 Dec 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Dec 2021 10:47:11 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 132ms
115ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuhby&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0925b7a0-ce06-4103-a1e2-1f47b256446b&tw_document_href=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/csbgonline/home/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Sun, 12 Dec 2021 10:47:11 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 81a4a269adbf3b9499192d8f21e8bac15079a36d5871739d09483bac0c2b0231
x-transaction: 3c3132179b900f1f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/csbgonline/home/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6365
date: Sun, 12 Dec 2021 09:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 12 Dec 2021 11:01:06 GMT

GET adsct
analytics.twitter.com/i/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
146 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2113103610&t=pageview&_s=1&dl=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&ul=en-us&de=UTF-8&dt=Codere%20Apuestas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1607084753&gjid=1494688502&cid=1340913202.1639306031&tid=UA-54261750-1&_gid=1335519273.1639306031&_r=1&_slc=1&z=693347379

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://52.178.69.189/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://52.178.69.189
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 1 B
438 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-75372752-1&cid=1340913202.1639306031&jid=656307600&gjid=728760055&_gid=1335519273.1639306031&_u=YGDAiEABBAAAAG~&z=2039172075

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://52.178.69.189/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 12 Dec 2021 10:47:11 GMT
content-type: text/plain
access-control-allow-origin: https://52.178.69.189
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2113103610&t=pageview&_s=1&dl=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&ul=en-us&de=UTF-8&dt=Codere%20Apuestas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAC~&jid=656307600&gjid=728760055&cid=1340913202.1639306031&tid=UA-75372752-1&_gid=1335519273.1639306031&gtm=2wgc10WK7WJK&z=1886961286

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/csbgonline/home/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 02:04:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31341
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
72 B 49ms
20ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54261750-1&cid=1340913202.1639306031&jid=1607084753&gjid=1494688502&_gid=1335519273.1639306031&_u=IEBAAEAAAAAAAC~&z=393891107

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://52.178.69.189/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 12 Dec 2021 10:47:11 GMT
content-type: text/plain
access-control-allow-origin: https://52.178.69.189
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.com/ads/ 0
0

GET ga-audiences
www.google.de/ads/ 0
0

GET
H/1.1 200
OK Primary Request / Show response
52.178.69.189/webappv2/ 7 KB
7 KB 21ms
20ms Document
text/html 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/csbgonline/AppWeb/js/libIndex.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f2aed238145f30ec5ff2f43e6a1b133ae9106f8e4d1d27fb9f296f37d2fc5aaa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/csbgonline/home/index

Response headers

Content-Type: text/html
Last-Modified: Sat, 27 Feb 2021 17:20:42 GMT
Accept-Ranges: bytes
ETag: "8597ce02cdd71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 12 Dec 2021 10:47:11 GMT
Content-Length: 7054

GET
H/1.1 200
OK wurfl.js Show response
wurfl.io/ 623 B
967 B 30ms
30ms Script
application/javascript 54.216.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wurfl.io/wurfl.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: df470d9027c8e97a09e311ddc1dfc2f9d97c5477807c4804028ce92171eace31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Content-Encoding: br
Accept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
Vary: accept-encoding, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 333

GET
H/1.1 200
OK main.css
52.178.69.189/webappv2/build/ 2 MB
2 MB 20ms
20ms Stylesheet
text/css 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/build/main.css?i=20181005
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 72f7b75ccde779498003d7e479a0927290260f49f54a9954331d813e1ddd5ad1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Last-Modified: Thu, 04 Mar 2021 19:29:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "24b78ea22c11d71:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1591335

GET
H/1.1 200
OK swiper.min.css
52.178.69.189/webappv2/assets/swiper/css/ 15 KB
16 KB 56ms
25ms Stylesheet
text/css 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/assets/swiper/css/swiper.min.css
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e57292ae344406b50df1318eaa4cc72694627ab32349f50aefac8b52f9bba4e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Last-Modified: Thu, 12 Mar 2020 17:05:38 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "a5f2407490f8d51:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 15793

GET
H/1.1 200
OK swiper.min.js Show response
52.178.69.189/webappv2/assets/swiper/js/ 136 KB
136 KB 58ms
27ms Script
application/javascript 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/assets/swiper/js/swiper.min.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e068e19a22dec330fd02d3bc330abc5e2247f7bafb0d6ad459e93f6b50c37c08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Last-Modified: Thu, 12 Mar 2020 17:05:38 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6065f7490f8d51:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 139068

GET
H/1.1 200
OK common.js Show response
52.178.69.189/webappv2/assets/js/ 8 KB
9 KB 57ms
26ms Script
application/javascript 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/assets/js/common.js?vv=10102018
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3497875fd7d7a181cf1427771ff1f51d044b9d047e66fa4650452485cae6b9a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Last-Modified: Thu, 12 Mar 2020 17:05:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "ae4bcf6d90f8d51:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8678

GET
H2 200 br-sdk-1.2.19.js Show response
sdk.bluerbn.com/ 1 MB
292 KB 420ms
389ms Script
application/javascript 65.9.68.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.bluerbn.com/br-sdk-1.2.19.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13d59c755b7999c0688322c1e0a0a3569d93986240abc3453e9790e3decaff35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 13:02:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"e75b32258beebb358b7ad2e860e6d9d9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: null
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
content-type: application/javascript
x-amz-cf-id: fqIR3b6pTdtJlJoSYe7zsiB5skwTFdj1kEActMsuQpMIVheakXgr5w==

GET
H/1.1 200
OK polyfills.js Show response
52.178.69.189/webappv2/build/ 95 KB
95 KB 57ms
26ms Script
application/javascript 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/build/polyfills.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 889b55a9f68c3f0b1b423c124f4876639920d29a171098d4e42d120d401290d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Last-Modified: Sat, 27 Feb 2021 15:51:04 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "958bb05a20dd71:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 97180

GET
H/1.1 200
OK nativas.js Show response
52.178.69.189/webappv2/assets/js/ 8 KB
8 KB 57ms
26ms Script
application/javascript 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/assets/js/nativas.js?vv=10102018
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fda24fc83ac4bcef24e2e9458255391b531082973303b25ff7bdd81b8b9b78d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Last-Modified: Thu, 12 Mar 2020 17:05:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1e39736d90f8d51:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 7848

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 155 KB
51 KB 73ms
36ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDR-AuFd7Yauvrc_dohj187f-k3pQvSMsg&libraries=places

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

eb279e8b153f95096eb59ab3b300a7e45ac70cdc6463fc10159d41665dac7f00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:11 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51798
x-xss-protection: 0
expires: Sun, 12 Dec 2021 11:17:11 GMT

GET
H/1.1 200
OK temporaryPromotions.js Show response
52.178.69.189/webappv2/assets/js/ 528 B
788 B 73ms
17ms Script
application/javascript 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/assets/js/temporaryPromotions.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 601b964b9f1303d26d370423a6cbc49c7fd810eb144f7c543da610a250788938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Last-Modified: Thu, 12 Mar 2020 17:05:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "402e9c6d90f8d51:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 528

GET
H/1.1 200
OK customInsights.js Show response
52.178.69.189/webappv2/assets/js/ 97 KB
97 KB 87ms
28ms Script
application/javascript 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/assets/js/customInsights.js?vv=878787587
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8804028fa95503768f3d5edb4c190c5dbcbb666c96bb4cf75a60c2365caf979c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Last-Modified: Mon, 25 Jan 2021 14:41:15 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "3cf7402228f3d61:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 99293

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ 1 MB
235 KB 89ms
22ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

911cedca4de02342bd10e87598103fccdb14b5965a91a4b21a1310082e8f9076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: d3b0517d371ca
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 239797
last-modified: Thu, 12 Aug 2021 19:29:50 GMT
etag: W/"611576ae-16d559"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-headers: x-csrf-token
expires: Mon, 13 Dec 2021 10:47:11 GMT

GET
H/1.1 200
OK newAntiForgeryPartial Show response
52.178.69.189/csbgonline/account/ 160 B
641 B 95ms
95ms XHR
text/html 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/csbgonline/account/newAntiForgeryPartial
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/assets/js/common.js?vv=10102018
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a6f338869efa1e9573804bb604b1f0a8443669c68cefc5751b42fd573b69c2bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 4.0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 171

GET
H/1.1 200
OK getFeatures Show response
52.178.69.189/csbgonline/home/ 10 KB
4 KB 92ms
92ms XHR
application/json 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/csbgonline/home/getFeatures?region=4
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/assets/js/common.js?vv=10102018
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9e6f33609bbfd590f439037e4ad52f327ef4b5bba38fc1fc67493f7773f3336f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 4.0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 3796

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 40ms
40ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/assets/js/common.js?vv=10102018
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C34) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 12 Dec 2021 10:47:11 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1750
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (mil/6C34)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9eb4cc22-001e-00a1-4d41-ef3308000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Sun, 12 Dec 2021 11:17:11 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 192ms
16ms Preflight 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://52.178.69.189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Sun, 12 Dec 2021 10:47:11 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
305 B 1208ms
1208ms XHR
application/json 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d1cdfb07d2469d9ed4652940f39e7ca37723d935b625cc8076a80af6d80e0154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://52.178.69.189/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: BD52A3AD-7EEF-459B-B5B1-89BD34D85CAB
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sun, 12 Dec 2021 10:47:12 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
H/1.1 200
OK vendor.js Show response
52.178.69.189/webappv2/buildDes/ 6 MB
6 MB 32ms
31ms Script
application/javascript 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/buildDes/vendor.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e858b2bc1baec68ced485aab64e4032247fa5eaa0159a8ad46a5288cb8b8fafc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:11 GMT
Last-Modified: Thu, 03 Jun 2021 10:05:57 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "156c45c6058d71:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6179981

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 36ms
22ms XHR
application/json 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://52.178.69.189
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET currentRequestCountryIsoCode
coderesbgonlinegeoip.azurewebsites.net/ips/ 0
0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/assets/js/customInsights.js?vv=878787587

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6366
date: Sun, 12 Dec 2021 09:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 12 Dec 2021 11:01:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 116ms
13ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/assets/js/customInsights.js?vv=878787587

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: m5KO9VEF72ewVmpmA7FbGFKeaWnuUGjudk6ustcVVaPEuq0+TV740iPna/0ScyjYrIsD0OZ9Se+voUKJhjUlNw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 12 Dec 2021 10:47:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

14 KB
5 KB

14ms
13ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: H2
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200170-IAD, cache-fra19164-FRA

Redirect headers

x-tw-cdn: VZ
Date: Sun, 12 Dec 2021 10:47:12 GMT
Server: ECS (mil/6CE2)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 34ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-784651305

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/assets/js/customInsights.js?vv=878787587

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

171f82db32b2d0e70ae5da3e0e0cf33cda45b528ad219d7501f46d557a2f57ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39607
x-xss-protection: 0
last-modified: Sun, 12 Dec 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Dec 2021 10:47:12 GMT

GET
H2

200

trackpoint-sync.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/
https://s2.adform.net/banners/scripts/st/trackpoint-sync.js

78 KB
28 KB

82ms
18ms

Script
application/x-javascript

37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-sync.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: H2
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 765110c2ed9df6800bace14e8a25e1eab733ff6b792266fbcbe3a34b6649da0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:01 GMT
server: nginx
etag: W/"613888ed-13729"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-sync.js
date: Sun, 12 Dec 2021 10:47:12 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8771342/ 80 KB
12 KB 148ms
45ms Script
application/javascript 2600:9000:2057:4400:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8771342/api_dynamic.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/assets/js/customInsights.js?vv=878787587
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 1715cdf26ca2136bbe9a1f35231ae9da9cce287347760bc7bf08657dda132696

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 15:27:24 GMT
server: DYCDN
x-amz-cf-pop: FRA6-C1
etag: W/"9b9d601ac7f4350003d13f9fae511567"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: xBJsGaIJtX45cbuksTW4pLwlhmZaLZ-Cq07Ht2VO3LQEoqxdN50c6A==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8771342/ 348 KB
99 KB 122ms
19ms Script
application/javascript 2600:9000:2057:4400:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8771342/api_static.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/assets/js/customInsights.js?vv=878787587
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: f2ca16184a18e96701a6bfe86b5233d7702c64f0594ca7d184c06bd79164ded4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 15:52:10 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 15:27:24 GMT
server: DYCDN
age: 68103
etag: W/"74ecaf92420431bcde8b4e99c6af632a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: Oek103T_YyVuNCZI75dJpM1JSoNjBBoZoemGZAjJEFT6aw9OT_gBug==

GET
H2 200 s.js Show response
cdn.siftscience.com/ 61 KB
20 KB 110ms
10ms Script
application/javascript 34.96.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.siftscience.com/s.js
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/assets/js/customInsights.js?vv=878787587
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 04:43:53 GMT
content-encoding: gzip
age: 21799
x-guploader-uploadid: ADPycds57sflg2uBu5lsf1BteYYPjpikzWccRYV-gmzzB9IxNzzqyLtzNbU0XfRAcB7hlec0f-FE5rBZ-aRsJCt-xDg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
x-goog-generation: 1586469553682331
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 13 Dec 2021 04:43:53 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 303ms
233ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=52.178.69.189&source=checkoutjs&t=xo&v=4.0.331

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-62RSMTNMLB0kyzsjuqIcO4FQwPT1aXolg0pI5Mz/Uoftzesf' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-62RSMTNMLB0kyzsjuqIcO4FQwPT1aXolg0pI5Mz/Uoftzesf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS, MISS
paypal-debug-id: f53956837db34
server-timing: content-encoding;desc=gzip
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4321
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7332-LHR, cache-cdg20734-CDG
x-timer: S1639306032.268360,VS0,VE215
x-frame-options: SAMEORIGIN
date: Sun, 12 Dec 2021 10:47:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
etag: W/"2ef4-3xgck+FFolYd+Y4aULz7wuzevMY"
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 99ms
35ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-784651305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 10:47:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-706929457&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-784651305

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ccdae600de4c15101319f0ce3f042b0158f0b69620e259ed58b264b7fc806659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39604
x-xss-protection: 0
last-modified: Sun, 12 Dec 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Dec 2021 10:47:12 GMT

GET
H3 200 670176583366501 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 538ms
514ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/670176583366501?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fd96d87d7cbd92663a76f91720ee35f59c87650b8a6cdc68d4f5e25f3fe4f3c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ouYOu/mWv4fID7oxP8sWMXSjyO8P2Gl2v6YANNAGl3y1YjvKEYQkprBDnFSTEx6BZx/IHLW1UQo+rVchgQx8Cw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 12 Dec 2021 10:47:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 st Show response
st.dynamicyield.com/ 14 KB
3 KB 159ms
106ms Script
text/javascript 2600:9000:211e:9a00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8771342&inHead=true&id=0&jsession=&ref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&scriptVersion=1.74.0&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%7D
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/csbgonline/home/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9a00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: af8f39bbfb75987ac0e4b233428007fb1063c1a3a27641cdbe89eff394a2f76f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/javascript; charset=utf-8
x-amz-cf-id: pAaUeAIfDSkhatv1lP9jHSMpoTIrTzV7avoHcQrIYx3CPkOWGnIzTQ==
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
expires: Sun, 12 Dec 2021 10:47:11 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/706929457/ 2 KB
2 KB 57ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/706929457/?random=1639306032384&cv=9&fst=1639306032384&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F&ref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&tiba=Codere%20Apuestas&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

342fd946f0b7a3cb40f751de7d5663ad734633f298a6cf0a05da43b820d8ff28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/784651305/ 2 KB
1 KB 58ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784651305/?random=1639306032387&cv=9&fst=1639306032387&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F&ref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&tiba=Codere%20Apuestas&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3b94efe0e7f70ed3777933248eea3ea68d854cfc563a687c579db964bed1784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK main.js Show response
52.178.69.189/webappv2/buildDes/ 5 MB
5 MB 457ms
456ms Script
application/javascript 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/buildDes/main.js?i=2110201811
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dd8057c40279a8e2a700b33505dabe750104ab48cfefd963b58099bef2f5de28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:12 GMT
Last-Modified: Thu, 03 Jun 2021 10:05:57 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "18663bc6058d71:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4941849

GET
H2 200 /
www.google.com/pagead/1p-user-list/706929457/ 42 B
548 B 20ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/706929457/?random=1639306032384&cv=9&fst=1639303200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F&ref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&tiba=Codere%20Apuestas&async=1&fmt=3&is_vtc=1&random=3669174381&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/706929457/ 42 B
548 B 18ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/706929457/?random=1639306032384&cv=9&fst=1639303200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F&ref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&tiba=Codere%20Apuestas&async=1&fmt=3&is_vtc=1&random=3669174381&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/784651305/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/784651305/?random=1639306032387&cv=9&fst=1639303200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F&ref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&tiba=Codere%20Apuestas&async=1&fmt=3&is_vtc=1&random=1131955474&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/784651305/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/784651305/?random=1639306032387&cv=9&fst=1639303200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F&ref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&tiba=Codere%20Apuestas&async=1&fmt=3&is_vtc=1&random=1131955474&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
924 B 205ms
162ms Image
image/gif 23.45.106.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Codere%20Apuestas&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1639306032496&g=0&completeurl=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.45.106.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-106-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Dec 2021 10:47:12 GMT
Strict-Transport-Security: max-age=63072000
P3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Paypal-Debug-Id: e0787355a3818
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 12 Dec 2021 10:47:12 GMT

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/1.74.0/ 187 KB
61 KB 11ms
10ms Script
application/javascript 2600:9000:2057:4400:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Requested by: Host: st.dynamicyield.com
URL: https://st.dynamicyield.com/st?sec=8771342&inHead=true&id=0&jsession=&ref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&scriptVersion=1.74.0&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: f965c409829dcdb36c9dfe56b7852bd972c120f200f8dcf404e95515553e7347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 07:09:36 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:42:06 GMT
server: DYCDN
age: 3037057
etag: W/"b83bfa468d2f5657f5785b6207009d81"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: U2B4nLCM3WSIW7qIUiXgUluAX4WE2h2yI-y6HsXd3Ir1xTefRyWLqA==

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=1521584&ADFPageName=Master%20Tag&ADFdivider=%7C&ord=511802527621&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fho...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1521584&ADFPageName=Master%20Tag&ADFdivider=%7C&ord=511802527621&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2F52.178.69.189%2Fcsbgonline...

9 KB
4 KB

90ms
90ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1521584&ADFPageName=Master%20Tag&ADFdivider=%7C&ord=511802527621&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&ADFtpmode=3&loc=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

144827495847f4660bc2ea7057312a482476b36c41b69677236233e57c7bc2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3757
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:12 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1521584&ADFPageName=Master%20Tag&ADFdivider=%7C&ord=511802527621&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&ADFtpmode=3&loc=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
228 B 314ms
109ms XHR
text/plain 3.228.88.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1639306032653
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.88.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-88-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://52.178.69.189/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:12 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame D7D6 5 KB
2 KB 96ms
30ms Document
text/html 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=1521584&ADFPageName=Master%20Tag&ADFdivider=%7C&ord=511802527621&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&ADFtpmode=3&loc=https%3A%2F%2F52.178.69.189%2Fwebappv2%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6d818c07d41a17e351229ad1546897a8203f71b5d0e9b6dc04c20794d28866ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/

Response headers

server: nginx
date: Sun, 12 Dec 2021 10:47:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
343 B 80ms
18ms Image
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=6252154911019776553&stamp=cxnvoGy1RQkDvP-67D9Y4w2

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 12 Dec 2021 10:47:12 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

POST
H2 200 clog Show response
px.dynamicyield.com/ 0
228 B 324ms
103ms XHR
text/plain 18.215.30.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.dynamicyield.com/clog
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.30.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-30-37.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://52.178.69.189/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:13 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 plf
c1.adform.net/imatch/ Frame D7D6 0
261 B 57ms
56ms Image
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame D7D6
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6252154911019776553&Expiration=1640515632
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6252154911019776553&Expiration=1640515632

43 B
423 B

33ms
32ms

Image
image/gif

54.246.208.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6252154911019776553&Expiration=1640515632
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Server: 54.246.208.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-208-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 12 Dec 2021 10:47:17 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6252154911019776553&Expiration=1640515632
date: Sun, 12 Dec 2021 10:47:13 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame D7D6 0
522 B 387ms
36ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=6252154911019776553

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Dec 2021 10:47:13 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sat, 11 Dec 2021 10:47:13 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame D7D6 0
214 B 282ms
8ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D7D6
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6252154911019776553&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6252154911019776553&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=d3c8352a9e7c441aa...
https://c1.adform.net/serving/cookie/match?party=9&uid=7b605c4ce353d900f840d77eac1eabbcea38086a04c6a3947718f04861c7972c

35 B
467 B

21ms
21ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=7b605c4ce353d900f840d77eac1eabbcea38086a04c6a3947718f04861c7972c

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:13 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=7b605c4ce353d900f840d77eac1eabbcea38086a04c6a3947718f04861c7972c
date: Sun, 12 Dec 2021 10:47:12 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame D7D6 43 B
163 B 141ms
24ms Image
image/gif 185.86.138.144
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6252154911019776553&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame D7D6
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=6252154911019776553&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=6252154911019776553&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6252154911019776553&_origin=1&apid=UPdd3fba9c-5b38-11ec-b2c5-024703e8ab5a
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6252154911019776553&_origin=1&apid=UPdd3fba9c-5b38-11ec-b2c5-024703e8ab5a&verify=true

0
603 B

13ms
13ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=6252154911019776553&_origin=1&apid=UPdd3fba9c-5b38-11ec-b2c5-024703e8ab5a&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:17 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=6252154911019776553&_origin=1&apid=UPdd3fba9c-5b38-11ec-b2c5-024703e8ab5a&verify=true
date: Sun, 12 Dec 2021 10:47:13 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame D7D6 43 B
713 B 158ms
39ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Dec 2021 10:47:13 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1639306032949056-333
Expires: Sun, 12 Dec 2021 10:47:13 GMT

GET
H2

200

RX-020a1a48-6c92-4d72-b86e-89db9150294d-003
sync.targeting.unrulymedia.com/csync/ Frame D7D6
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=6252154911019776553
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6252154911019776553
https://sync.1rx.io/usersync/bidswitch/90695bd4-e477-42d7-8ac8-d3b57ffc8602?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/90695bd4-e477-42d7-8ac8-d3b57ffc8602?zcc=1&dspret=0&cb=1639306037801
https://sync.targeting.unrulymedia.com/csync/RX-020a1a48-6c92-4d72-b86e-89db9150294d-003

43 B
395 B

49ms
13ms

Image
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-020a1a48-6c92-4d72-b86e-89db9150294d-003
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:17 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-020a1a48-6c92-4d72-b86e-89db9150294d-003
pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D7D6
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6252154911019776553&expiration=1640515632
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6252154911019776553&expiration=1640515632&C=1

43 B
1006 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6252154911019776553&expiration=1640515632&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Dec 2021 10:47:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 12 Dec 2021 10:47:17 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 12 Dec 2021 10:47:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6252154911019776553&expiration=1640515632&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Sun, 12 Dec 2021 10:47:13 GMT

GET
H/1.1

200
OK

info
uipglob.semasio.net/tradedesk/1/ Frame D7D6
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6252154911019776553&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6252154911019776553&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=7e3961b5-d335-4700-8ff9-9e7e41db9b1a&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=e64d32db-8133-4800-9480-11e69dcc1b02

42 B
604 B

35ms
35ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=e64d32db-8133-4800-9480-11e69dcc1b02
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:16 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=e64d32db-8133-4800-9480-11e69dcc1b02
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame D7D6
Redirect Chain

https://ps.eyeota.net/match?uid=6252154911019776553&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=6252154911019776553&bid=9gdtmu1

70 B
440 B

8ms
8ms

Image
image/gif

3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=6252154911019776553&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:17 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=6252154911019776553&bid=9gdtmu1
Date: Sun, 12 Dec 2021 10:47:13 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame D7D6
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6252154911019776553
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6252154911019776553&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
333 B

63ms
13ms

Image
image/gif

2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rzWlTh7/Yq8LAA==
x-accel-expires: @1639577043
date: Sun, 12 Dec 2021 10:47:17 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: sDXps2bf7n8=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 765794
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame D7D6 0
0 38ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

tpid=6252154911019776553
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame D7D6
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6252154911019776553
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6252154911019776553

49 B
734 B

40ms
40ms

Image
image/gif

52.17.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Server: 52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.94
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6252154911019776553
cache-control: no-cache
x-server: 10.45.8.245
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame D7D6 62 B
304 B 278ms
159ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:13 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame D7D6 43 B
275 B 39ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:13 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame D7D6
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

137ms
40ms

Image
image/gif

52.218.60.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Server: 52.218.60.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:18 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: FF80WA6R2MATCW3Z
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: FlBhzh1WKBWXKRfdlpagZ5q7Jg/lQbr90baVta0dId/StX1DvsND/3rzoBg9kkhwLfAu5IS2axk=

Redirect headers

X-Error-Reason: Missing UserId
Date: Sun, 12 Dec 2021 10:47:13 GMT
Server: akka-http/10.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame D7D6 35 B
248 B 292ms
93ms Image
image/gif 51.79.83.225
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=6252154911019776553&partner=68
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.83.225 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: pikafka-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H/1.1

403
Forbidden

/
cm.smartstream.tv/ Frame D7D6
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6252154911019776553
https://tags.adsafety.net/v1/cm?cm_uid=CM12021121210b0cbbcdc98f37f22af6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=433833a3adb1b102882a2723a937bea3
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12021121210b0cbbcdc98f37f22af6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=433833a3adb1b102882a2723a937bea3&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEyMTIxMGIwY2JiY2RjOThmMzdmMjJhZjY
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEDZEAgJhiw3VSENUFrgs6hw&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12021121210b0cbbcdc98f37f22af6
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=6252154911019776553
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7040765817077823638

0
0

30ms
7ms

Image
text/html

85.90.245.27
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7040765817077823638
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Server: 85.90.245.27 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1428-27.members.linode.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Location: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7040765817077823638
Date: Sun, 12 Dec 2021 10:47:18 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame D7D6 0
338 B 111ms
31ms Image
text/plain 52.215.164.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.164.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-164-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1639306037
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame D7D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjI1MjE1NDkxMTAxOTc3NjU1Mw
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDpEzK-il1TJYhIsDVhE5rU&google_cver=1&google_ula=1641347,0

35 B
467 B

19ms
19ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDpEzK-il1TJYhIsDVhE5rU&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDpEzK-il1TJYhIsDVhE5rU&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame D7D6 0
261 B 57ms
55ms Image
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame D7D6
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=1214088626216128084&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=6252154911019776553

43 B
994 B

35ms
35ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=6252154911019776553

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

HTTP/1.1

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Dec 2021 10:47:17 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 508e5873-750c-4015-abd3-f804cdf4aefc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=6252154911019776553
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame D7D6 42 B
542 B 86ms
24ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:17 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:482
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame D7D6 43 B
444 B 48ms
11ms Image
image/gif 65.9.68.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-72.fra56.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 07:58:37 GMT
Via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 10120
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Content-Length: 43
X-Amz-Cf-Id: 6nK7WI9LHHkAozz8MAh6ZrgWEDJzLT0BVZNnuzynukZLQo195F0jnA==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame D7D6
Redirect Chain

https://a.audrte.com/a?adform_uid=6252154911019776553
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEPXk8D6V2l3Ft8663RQHCCs&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=8glAOku7-qGSwutJ0V9mb4vYg&gdpr=0&gdpr_consent=

70 B
440 B

8ms
8ms

Image
image/gif

3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=8glAOku7-qGSwutJ0V9mb4vYg&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:18 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Sun, 12 Dec 2021 10:47:18 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=8glAOku7-qGSwutJ0V9mb4vYg&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D7D6
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6252154911019776553&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6252154911019776553&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=86725286188342488023858330356715416342&noredirect=1

35 B
467 B

18ms
18ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=86725286188342488023858330356715416342&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v023-079c8d5ff.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: umjiOGFYTnU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=86725286188342488023858330356715416342&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame D7D6
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6252154911019776553
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164990203998000151813

35 B
467 B

20ms
19ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164990203998000151813

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164990203998000151813
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame D7D6
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7040765817077823638

35 B
467 B

20ms
20ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7040765817077823638

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7040765817077823638
Date: Sun, 12 Dec 2021 10:47:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame D7D6 62 B
725 B 163ms
162ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:17 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 2d6b
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D7D6
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=e16861b5-d335-4400-98c9-654900b95c6f

35 B
467 B

18ms
18ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=e16861b5-d335-4400-98c9-654900b95c6f

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Sun, 12 Dec 2021 10:47:17 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=e16861b5-d335-4400-98c9-654900b95c6f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Sun, 12 Dec 2021 10:47:16 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D7D6
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=J4seeRV71MWmnX5

35 B
467 B

19ms
18ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=J4seeRV71MWmnX5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Sun, 12 Dec 2021 10:47:16 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0fb8f8c60b2bcfa88@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=J4seeRV71MWmnX5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame D7D6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e64d32db-8133-4800-9480-11e69dcc1b02

35 B
467 B

20ms
20ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e64d32db-8133-4800-9480-11e69dcc1b02

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=e64d32db-8133-4800-9480-11e69dcc1b02
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame D7D6 0
72 B 550ms
135ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Broomfield, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1

200

1.gif
id5-sync.com/c/10/10/2/ Frame D7D6
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=6252154911019776553
https://id5-sync.com/c/10/10/2/1.gif?puid=6252154911019776553&gdpr=1&gdpr_consent=

43 B
1009 B

11ms
11ms

Image
image/gif

141.95.34.104
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/10/10/2/1.gif?puid=6252154911019776553&gdpr=1&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

HTTP/1.1

Server

141.95.34.104 , France, ASN16276 (OVH, FR),

Reverse DNS

p33.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:03 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/10/10/2/1.gif?puid=6252154911019776553&gdpr=1&gdpr_consent=
Date: Sun, 12 Dec 2021 10:47:03 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame D7D6
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1986608057
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=2kd6C.EmLrsizoYdz1MTD.

35 B
467 B

19ms
18ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=2kd6C.EmLrsizoYdz1MTD.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:17 GMT
via: 1.1 google
last-modified: Sun, 12 Dec 2021 10:47:17 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=2kd6C.EmLrsizoYdz1MTD.
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame D7D6 23 B
172 B 124ms
42ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:18 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 12 Dec 2021 10:47:18 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame D7D6
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6252154911019776553
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6252154911019776553&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6252154911019776553&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dmc-test-dn3
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:17 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6252154911019776553&cs=1
date: Sun, 12 Dec 2021 10:47:17 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame D7D6 0
239 B 35ms
7ms Image
text/plain 2600:9000:211e:5000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6252154911019776553
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:17 GMT
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 4uTKG61IzTtFUBelZWwFtSgF6cTSgOeGa1-hiiLo3ZMjjNp10rVneQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D7D6
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=6252154911019776553&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=6252154911019776553&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=b6f47f91-d66f-4d80-93b0-9dcda0232e4b

35 B
467 B

18ms
18ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=b6f47f91-d66f-4d80-93b0-9dcda0232e4b

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=b6f47f91-d66f-4d80-93b0-9dcda0232e4b
date: Sun, 12 Dec 2021 10:47:18 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 6252154911019776553
match.contentexchange.me/adform/ Frame D7D6 0
49 B 95ms
27ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/6252154911019776553?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:18 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame D7D6
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=6252154911019776553&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6252154911019776553&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6252154911019776553&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=6252154911019776553&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Sun, 12 Dec 2021 10:47:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame D7D6 0
261 B 55ms
55ms Image
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6252154911019776553&agencyId=5776&advertiserId=2019851&src=tp&rnd=504357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:47:12 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK roboto-condensed-regular.ttf
52.178.69.189/webappv2/assets/fonts/ 158 KB
158 KB 21ms
20ms Font
application/octet-stream 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/assets/fonts/roboto-condensed-regular.ttf
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/main.css?i=20181005
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d5cbe10cfb954e6d580525bd05536b21447ce29ab8a84e21da8a58b588190326

Request headers

Referer: https://52.178.69.189/webappv2/build/main.css?i=20181005
Origin: https://52.178.69.189
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:16 GMT
Last-Modified: Fri, 13 Mar 2020 09:56:29 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c27843ab1df9d51:0"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 161524

GET
H/1.1 200
OK codere-icon.ttf
52.178.69.189/webappv2/assets/fonts/codere-icon/ 60 KB
60 KB 17ms
17ms Font
application/octet-stream 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/assets/fonts/codere-icon/codere-icon.ttf
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/main.css?i=20181005
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 525613554b75b4e4ae46d2d47b7947482303a7069a3f53243ae7ecc6f19b2358

Request headers

Referer: https://52.178.69.189/webappv2/build/main.css?i=20181005
Origin: https://52.178.69.189
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:16 GMT
Last-Modified: Fri, 13 Mar 2020 09:55:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "63680941df9d51:0"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 61244

GET
H/1.1 200
OK ionicons.woff2
52.178.69.189/webappv2/assets/fonts/ 60 KB
60 KB 28ms
28ms Font
application/font-woff2 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/assets/fonts/ionicons.woff2?v=3.0.0-alpha.3
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/main.css?i=20181005
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4acc6ffbeeac5217951647f5579d8c99526c6757ff84a70a4ff1f32fbf17348b

Request headers

Referer: https://52.178.69.189/webappv2/build/main.css?i=20181005
Origin: https://52.178.69.189
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:16 GMT
Last-Modified: Fri, 13 Mar 2020 09:56:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "eebec0a91df9d51:0"
Content-Type: application/font-woff2
Accept-Ranges: bytes
Content-Length: 61020

GET
H/1.1 200
OK setlanguagecode Show response
52.178.69.189/csbgonline/home/ 30 B
430 B 21ms
21ms XHR
application/json 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/csbgonline/home/setlanguagecode?languageCode=es-mx
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ea163a676673e1dfa8f2a8052cf184d85bb122d17faecf44d439a7314c8374fa

Request headers

Accept: application/json, text/plain, */*
Referer: https://52.178.69.189/webappv2/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:16 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 4.0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 48

GET
H/1.1 200
OK SetLanguageAndGetResources Show response
52.178.69.189/DynTemplateGen/Api/Resources/ 121 KB
121 KB 2278ms
2278ms XHR
application/json 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/DynTemplateGen/Api/Resources/SetLanguageAndGetResources?languageCode=es-mx
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3054c0e143214b2147cd9809186437dd1fe01cf1a3156b0f6434c0b883c77d4

Request headers

Accept: application/json, text/plain, */*
Referer: https://52.178.69.189/webappv2/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:19 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
ETag: "6c2b5527-a9af-4625-888c-43316e32a8ac"
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43719
Content-Length: 123679

GET
H/1.1 200
OK getOrder Show response
52.178.69.189/csbgonline/NoSessionTimeout/ 854 B
864 B 43ms
42ms XHR
application/json 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/csbgonline/NoSessionTimeout/getOrder?_=1639306037608
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cecfe69d35db01ddfe80a0a588d66eff5065aedb741e93ea54cb11e71c9d665e

Request headers

Accept: application/json, text/plain, */*
Referer: https://52.178.69.189/webappv2/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:16 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 4.0
Last-Modified: Sun, 12 Dec 2021 10:47:17 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: *
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, no-store, max-age=0
Content-Length: 440
Expires: Sun, 12 Dec 2021 10:47:17 GMT

GET
H/1.1 200
OK SponsorsLogo.png
52.178.69.189/webappv2/assets/img/ 13 KB
13 KB 17ms
17ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/SponsorsLogo.png
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 089202f18e9c1580f2aa469e222c7fe9e17fa2cff74a90dc7bb090deb8e841fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:16 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "a1cf2d2190f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 12970

GET
H/1.1 404
Not Found Ico_null.png
52.178.69.189/webappv2/assets/img/banderas/ 1 KB
1 KB 17ms
17ms Image
text/html 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/banderas/Ico_null.png
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:16 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 200
OK ring.svg
52.178.69.189/webappv2/assets/img/ 2 KB
2 KB 17ms
17ms Image
image/svg+xml 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/ring.svg
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 347d36998120dc76ee8b3c81e6d0b4d85970cbe7daaba21f5ce0d92f7e391e2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:16 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:41 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "67a0582e90f8d51:0"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2274

GET
H/1.1 200
OK codere-apuestas-mx.svg
52.178.69.189/webappv2/assets/img/ 1 KB
2 KB 18ms
16ms Image
image/svg+xml 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/codere-apuestas-mx.svg
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5e9e658617f47fb957890aff425253bb8e2470cd43d7647195410f6dbfe327dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:16 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:38 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "ccf9c82c90f8d51:0"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1453

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/ 77 KB
28 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDR-AuFd7Yauvrc_dohj187f-k3pQvSMsg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53151b27d3fe0aee685683cbe17655b3211283291e189219412694165053950e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 15:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28790
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:54:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 15:26:20 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/ 297 KB
91 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDR-AuFd7Yauvrc_dohj187f-k3pQvSMsg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

078316556d1ea20ac469d50ac1313f3837b5d00001e6cce069d3fb1a0c5e96c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92718
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:54:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 18:38:16 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 15ms
15ms Preflight 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://52.178.69.189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Sun, 12 Dec 2021 10:47:17 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
186 B 753ms
753ms XHR
application/json 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c5669be856d4bfeac5bd35ed80b05fd7c6f79fbf945cbfdaaf051672dc534b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://52.178.69.189/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 9663DBB3-45EE-49A5-81C7-5292042D13F3
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sun, 12 Dec 2021 10:47:18 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
H/1.1 200
OK getFeatures Show response
52.178.69.189/csbgonline/home/ 10 KB
4 KB 19ms
19ms XHR
application/json 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/csbgonline/home/getFeatures?region=4
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9e6f33609bbfd590f439037e4ad52f327ef4b5bba38fc1fc67493f7773f3336f

Request headers

Accept: application/json, text/plain, */*
Referer: https://52.178.69.189/webappv2/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:19 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 4.0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 3796

POST
H/1.1 404
Not Found renamekey Show response
52.178.69.189/webappv2/undefined/cookie/ 1 KB
1 KB 22ms
22ms XHR
text/html 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/webappv2/undefined/cookie/renamekey
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Accept: application/json, text/plain, */*
Referer: https://52.178.69.189/webappv2/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json

Response headers

Date: Sun, 12 Dec 2021 10:47:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 200
OK GetCurrentUser Show response
52.178.69.189/csbgonline/account/ 37 B
363 B 20ms
20ms XHR
application/json 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/csbgonline/account/GetCurrentUser
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 35c3816bf0e6c2920c86bc6666a31c733ab64d6da44a887e097ccaf98fd5a7a7

Request headers

Accept: application/json, text/plain, */*
Referer: https://52.178.69.189/webappv2/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 4.0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 55

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 15ms
14ms Preflight 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://52.178.69.189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Sun, 12 Dec 2021 10:47:20 GMT
content-length: 0

GET
H/1.1 200
OK getOrder Show response
52.178.69.189/csbgonline/NoSessionTimeout/ 854 B
864 B 17ms
16ms XHR
application/json 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/csbgonline/NoSessionTimeout/getOrder?_=1639306040767
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9bcff188db8ec82a13954ecad7f58c6164f4e7de1ed98323953aae652d35f612

Request headers

Accept: application/json, text/plain, */*
Referer: https://52.178.69.189/webappv2/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 4.0
Last-Modified: Sun, 12 Dec 2021 10:47:20 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: *
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, no-store, max-age=0
Content-Length: 440
Expires: Sun, 12 Dec 2021 10:47:20 GMT

GET GetSports
52.178.69.189/csbgonline/home/ 0
0

GET
H/1.1 200
OK gethighlights Show response
52.178.69.189/csbgonline/home/ 2 B
362 B 617ms
617ms XHR
application/json 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://52.178.69.189/csbgonline/home/gethighlights?parentid=-1&languageCode=es-mx
Requested by: Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer: https://52.178.69.189/webappv2/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Dec 2021 10:47:20 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 4.0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Length: 22
Expires: -1

GET minimumRequiredVersion
52.178.69.189/CheckReceiveMailMvc/version/ 0
0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
163 B 700ms
700ms XHR
application/json 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d1cdfb07d2469d9ed4652940f39e7ca37723d935b625cc8076a80af6d80e0154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://52.178.69.189/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 639D1AAE-7687-4500-808F-4B93596626ED
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sun, 12 Dec 2021 10:47:20 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET GetSliderImages
m.codere.mx/cacheservices/home/ 0
0

GET GetHomeLiveEvents
52.178.69.189/csbgonline/NoSessionTimeout/ 0
0

GET GetHighlightsEvents
52.178.69.189/csbgonline/NoSessionTimeout/ 0
0

GET
H/1.1 200
OK FooterLocalCodere_bn.png
52.178.69.189/webappv2/assets/img/ 6 KB
6 KB 19ms
19ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/FooterLocalCodere_bn.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5ffdc7c4947e97285b6f602c1e3c267e9d7584869e9aac2d027261583144dc74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f9e43d2990f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6362

GET
H/1.1 200
OK FooterVisa_bn.png
52.178.69.189/webappv2/assets/img/ 6 KB
6 KB 16ms
16ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/FooterVisa_bn.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f43a837b083eef50e5d8224315505eba3eedc6cea7ee3090029fbdc129fc850a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:20 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "10debb2190f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5632

GET
H/1.1 200
OK FooterPaynet.png
52.178.69.189/webappv2/assets/img/ 15 KB
16 KB 144ms
16ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/FooterPaynet.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f288f0603d9776a41f09bf392fd80b85838ed085c9e4e38b742f9022dc93a204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:38 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "7e5a792c90f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15803

GET
H/1.1 200
OK FooterMasterCard_bn.png
52.178.69.189/webappv2/assets/img/ 6 KB
6 KB 160ms
15ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/FooterMasterCard_bn.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e8709c77954428f864a172ddd8e53de755ce08af9a1dc900774bbf02ffce82e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c0b5f1d90f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6323

GET
H/1.1 200
OK Footertransferencia_bn.png
52.178.69.189/webappv2/assets/img/ 6 KB
6 KB 111ms
19ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/Footertransferencia_bn.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: aad719e933002a9369ff05922536e2c90f6f4e8782265673db40278d3c36554f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:40 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "3e1fa2d90f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6252

GET
H/1.1 200
OK Footerteleingreso_bn.png
52.178.69.189/webappv2/assets/img/ 20 KB
20 KB 294ms
16ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/Footerteleingreso_bn.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e54dc882150059e158351a8880a563c5e590f14723a070d5ecec09c3220e4579

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:17 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8d23da1f90f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20690

GET
H/1.1 200
OK FooterOxxo.png
52.178.69.189/webappv2/assets/img/ 13 KB
13 KB 91ms
17ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/FooterOxxo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 15c44532d14f5732b62a9550f529963642ced85d0ddb0f5d666e130832678390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:29 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "86fa782790f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 12927

GET
H/1.1 200
OK Footerspei.png
52.178.69.189/webappv2/assets/img/ 11 KB
12 KB 211ms
15ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/Footerspei.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6aae819c1b31846aff8d4836f239bd3ea818e361fe1c65f339cf0cb5cd25baa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:29 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "3e4d412790f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11643

GET
H/1.1 200
OK FooterlogMx.png
52.178.69.189/webappv2/assets/img/ 36 KB
37 KB 127ms
16ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/FooterlogMx.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 96224d29d669f052ddbf10f7ae978be8196277af2a635044a851349373a4fa42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "522b2d1b90f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 37277

GET
H/1.1 200
OK FooterdescargaIos.png
52.178.69.189/webappv2/assets/img/ 54 KB
55 KB 302ms
17ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/FooterdescargaIos.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fe2467cbe44c04abd3760449b8606a3f45deaa622ed4d69c8984d3428bb202c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:22 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c3fff2290f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 55686

GET
H/1.1 200
OK Codere_PastillaRealMadrid.png
52.178.69.189/webappv2/assets/img/ 13 KB
13 KB 259ms
16ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/Codere_PastillaRealMadrid.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 017b287a067478f63062a726402fa0254f1bca0ba5230f2455bddd4c27a7fed1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:37 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "eed82b90f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13295

GET
H/1.1 200
OK logo_codererayados.png
52.178.69.189/webappv2/assets/img/ 10 KB
10 KB 195ms
17ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/logo_codererayados.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3a335f48dba26c8665cf96d8d6587648a7d74a652324595e12cb602bece8054c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Wed, 17 Feb 2021 10:06:17 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9fac4788145d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10288

GET
H/1.1 200
OK icon-chat.png
52.178.69.189/webappv2/assets/img/ 4 KB
4 KB 243ms
15ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/icon-chat.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6504efc0b7a879c6ee4810e806d38268a1a93e1cd55ea524866e3fb8993c94b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:31 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d3cb5c2890f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4109

GET
H/1.1 200
OK icon-istagram.png
52.178.69.189/webappv2/assets/img/ 10 KB
10 KB 277ms
16ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/icon-istagram.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0c326303cd19e4b47aedaf26bbebc3cd0e74d98a25aaac07e6ea0c35da2f7262

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f891a02390f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10249

GET
H/1.1 200
OK icon-twitter.png
52.178.69.189/webappv2/assets/img/ 4 KB
4 KB 310ms
16ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/icon-twitter.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc37e04be47ca53f3512641e31ca7185072ef418e9e71f55cdc5226b33871b62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:42 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "053122f90f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3976

GET
H/1.1 200
OK icon-facebook.png
52.178.69.189/webappv2/assets/img/ 2 KB
3 KB 227ms
15ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/icon-facebook.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 555f7d873a25e41e062b201be206e39a267bbd230174dfcaee88df6271f83ef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:15 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "20e6d41e90f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2327

GET
H/1.1 200
OK FooterdescargaAndroid.png
52.178.69.189/webappv2/assets/img/ 10 KB
10 KB 177ms
16ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/FooterdescargaAndroid.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 018aa6210daf54ce137be994ed62681bcdd5e2c95bc5e845307d82b10acdcff2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4f21dd2590f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10398

GET
H2

200

src=8040082;dc_pre=CP2o-_GK3vQCFZBaGQodWPwNFQ;type=upper0;cat=home-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8040082;type=upper0;cat=home-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8040082;dc_pre=CP2o-_GK3vQCFZBaGQodWPwNFQ;type=upper0;cat=home-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8040082;dc_pre=CP2o-_GK3vQCFZBaGQodWPwNFQ;type=upper0;cat=home-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

42 B
494 B

68ms
43ms

Image
image/gif

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8040082;dc_pre=CP2o-_GK3vQCFZBaGQodWPwNFQ;type=upper0;cat=home-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Dec 2021 10:47:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8040082;dc_pre=CP2o-_GK3vQCFZBaGQodWPwNFQ;type=upper0;cat=home-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK real_madrid.svg
52.178.69.189/webappv2/assets/img/ 81 KB
81 KB 86ms
17ms Image
image/svg+xml 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/real_madrid.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9ebe7fdfb69275b8dab898dab1f9bb0bd4e48bca430a94f40e33adf0f462a8e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:03:08 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "fb9cf21a90f8d51:0"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 83063

GET
H/1.1 200
OK misterunderdog.png
52.178.69.189/webappv2/assets/img/ 6 KB
7 KB 136ms
17ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/misterunderdog.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2c6e2fcc60fb2f20cfe6e642ef9c2f9a65222d651a6caa69ff957a1571c6cea1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Fri, 21 Aug 2020 11:47:33 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "a4de6bdbb077d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6537

GET
H/1.1 200
OK champions-league-White.svg
52.178.69.189/webappv2/assets/img/ 3 KB
3 KB 119ms
16ms Image
image/svg+xml 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/champions-league-White.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 25610af2a681615780b93b0ab2a942bf3dbae1a1e3a77aaac23a808dc4f36fca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Tue, 04 Aug 2020 09:58:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "08464bc456ad61:0"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2976

GET
H/1.1 200
OK Ico_MX.png
52.178.69.189/webappv2/assets/img/banderas/ 2 KB
2 KB 335ms
198ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/banderas/Ico_MX.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a883c576f0a6c8eb43ae40b920c3e6ae31d243c8a2553eeac046c5f6e8e7c8b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:04:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "baadd83990f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2252

GET
H/1.1 200
OK Ico_CAM.png
52.178.69.189/webappv2/assets/img/banderas/ 13 KB
13 KB 69ms
15ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/banderas/Ico_CAM.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f08baf4d0bf0a5f660c8c1d5bdf633f2d4a6f967d1fd496d13d7893fdcd7fc3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:04:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "89ddae4990f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13500

GET
H/1.1 404
Not Found NBA-Logo.svg
52.178.69.189/webappv2/assets/img/codereIcons/ 1 KB
1 KB 102ms
15ms Image
text/html 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/codereIcons/NBA-Logo.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 404
Not Found mlb-Fake2.svg
52.178.69.189/webappv2/assets/img/codereIcons/ 1 KB
1 KB 20ms
17ms Image
text/html 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/codereIcons/mlb-Fake2.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 200
OK Ico_UEFA21.png
52.178.69.189/webappv2/assets/img/banderas/ 9 KB
9 KB 37ms
16ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/banderas/Ico_UEFA21.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c0135004fdc69f1b5c44102e2e425abac06690d1f515dc1a14b178dafe73a077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:04:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b649504f90f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9281

GET
H/1.1 200
OK Ico_WWC.png
52.178.69.189/webappv2/assets/img/banderas/ 9 KB
9 KB 53ms
16ms Image
image/png 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/banderas/Ico_WWC.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7d45e2ab4be1548380de31f4f2852b08e66061527c30e99d616035470346093a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Last-Modified: Thu, 12 Mar 2020 17:04:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "eebccf3c90f8d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9335

GET
H/1.1 404
Not Found Ico_null.png
52.178.69.189/webappv2/assets/img/banderas/ 1 KB
1 KB 15ms
15ms Image
text/html 52.178.69.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://52.178.69.189/webappv2/assets/img/banderas/Ico_null.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.178.69.189 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://52.178.69.189/webappv2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 12 Dec 2021 10:47:20 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 24ms
24ms Preflight 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://52.178.69.189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Sun, 12 Dec 2021 10:47:20 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
163 B 381ms
381ms XHR
application/json 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: 52.178.69.189
URL: https://52.178.69.189/webappv2/build/polyfills.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d1cdfb07d2469d9ed4652940f39e7ca37723d935b625cc8076a80af6d80e0154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://52.178.69.189/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: AA23819D-61A1-47E0-8DA8-0F3FFC274C2B
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sun, 12 Dec 2021 10:47:20 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuhby&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0925b7a0-ce06-4103-a1e2-1f47b256446b&tw_document_href=https%3A%2F%2F52.178.69.189%2Fcsbgonline%2Fhome%2Findex&tpx_cb=twttr.conversion.loadPixels

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54261750-1&cid=1340913202.1639306031&jid=1607084753&_u=IEBAAEAAAAAAAC~&z=2006139251

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54261750-1&cid=1340913202.1639306031&jid=1607084753&_u=IEBAAEAAAAAAAC~&z=2006139251

Domain: coderesbgonlinegeoip.azurewebsites.net
URL: https://coderesbgonlinegeoip.azurewebsites.net/ips/currentRequestCountryIsoCode

Domain: 52.178.69.189
URL: https://52.178.69.189/csbgonline/home/GetSports?languageCode=es-mx

Domain: 52.178.69.189
URL: https://52.178.69.189/CheckReceiveMailMvc/version/minimumRequiredVersion?region=4

Domain: m.codere.mx
URL: https://m.codere.mx/cacheservices/home/GetSliderImages?anonymous=true&license=Mexico&callback=__ng_jsonp__.__req0.finished&sharepointImagesList=bannerswebappPC

Domain: 52.178.69.189
URL: https://52.178.69.189/csbgonline/NoSessionTimeout/GetHomeLiveEvents?languageCode=es-mx&includeLiveCount=true&gametypes=97;1;18;184;874;959;158;259;317;393;195;459;159;911;303;313;2083

Domain: 52.178.69.189
URL: https://52.178.69.189/csbgonline/NoSessionTimeout/GetHighlightsEvents?languageCode=es-mx&gametypes=97;1;18;184;874;959;158;259;317;393;195;459;159;911;303;313;2083&sporthandle=soccer

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

119 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
52.178.69.189/	1970-01-19 23:31:50	Name: deviceType Value: Desktop
52.178.69.189/	1970-01-19 23:21:46	Name: _gat Value: 1
52.178.69.189/	1970-01-19 23:21:46	Name: _dc_gtm_UA-75372752-1 Value: 1
.twitter.com/	1970-01-20 16:52:58	Name: personalization_id Value: "v1_0pjpQntt6BZf5eMWnX6Qzw=="
52.178.69.189/	1969-12-31 23:59:59	Name: __RequestVerificationToken_L2NzYmdvbmxpbmU1 Value: gvqTN-d_FpBjV7DhQYTA-rAShp0-zFS76y30W0DcdU5fQ7vrmqkVZ0l6AziDtthhT3g-0f8hC-N00TNVqDe1gqB5Otk1
52.178.69.189/	1970-01-20 16:52:58	Name: _ga Value: GA1.1.1340913202.1639306031
52.178.69.189/	1970-01-19 23:23:12	Name: _gid Value: GA1.1.1335519273.1639306031
52.178.69.189/	1970-01-20 01:31:22	Name: _gcl_au Value: 1.1.59003154.1639306032
52.178.69.189/	1970-01-20 00:04:58	Name: _dy_ses_load_seq Value: 54112%3A1639306032354
52.178.69.189/	1969-12-31 23:59:59	Name: _dy_csc_ses Value: t
52.178.69.189/	1970-01-20 00:04:58	Name: _dy_c_exps Value:
52.178.69.189/	1970-01-20 08:07:22	Name: _dy_soct Value: 362819.602208.1639306032
.dynamicyield.com/	1970-01-20 08:07:22	Name: DYID Value: -1787928870038154448
.dynamicyield.com/	1969-12-31 23:59:59	Name: DYSES Value: 8df9778931fc6d40e9a307d0c7d2ebef
52.178.69.189/	1970-01-20 00:04:58	Name: _dycnst Value: dg
52.178.69.189/	1970-01-20 00:04:58	Name: _dyid Value: -1787928870038154448
52.178.69.189/	1969-12-31 23:59:59	Name: _dyfs Value: 1639306032633
52.178.69.189/	1969-12-31 23:59:59	Name: _dyjsession Value: 8df9778931fc6d40e9a307d0c7d2ebef
52.178.69.189/	1969-12-31 23:59:59	Name: dy_fs_page Value: 52.178.69.189%2Fwebappv2
52.178.69.189/	1969-12-31 23:59:59	Name: _dy_lu_ses Value: 8df9778931fc6d40e9a307d0c7d2ebef%3A1639306032634
52.178.69.189/	1970-01-20 00:04:58	Name: _dycst Value: dk.w.c.ws.
52.178.69.189/	1970-01-20 00:04:58	Name: _dy_geo Value: DE.EU.DE_BE.DE_BE_Berlin
52.178.69.189/	1970-01-20 00:04:58	Name: _dy_df_geo Value: Germany..Berlin
52.178.69.189/	1970-01-20 00:04:58	Name: _dy_toffset Value: 0
.adform.net/	1970-01-20 00:06:24	Name: C Value: 1
.paypal.com/	1970-01-21 01:40:00	Name: ts Value: vreXpYrS%3D1734000432%26vteXpYrS%3D1639307832%26vr%3Dae40f5eb17d0a8a180d28e9dffffffff%26vt%3Dae40f5eb17d0a8a180d28e9dfffffffe
.paypal.com/	1970-01-21 01:40:00	Name: ts_c Value: vr%3Dae40f5eb17d0a8a180d28e9dffffffff%26vt%3Dae40f5eb17d0a8a180d28e9dfffffffe
.adform.net/	1970-01-20 00:48:10	Name: uid Value: 6252154911019776553
.adform.net/	1970-01-19 23:23:12	Name: CM Value: 1\|1
.seadform.net/	1970-01-20 00:48:10	Name: uid Value: 6252154911019776553
.adform.net/	1970-01-19 23:41:55	Name: CM14 Value: 1639392432_1639306032_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
.adscale.de/	1970-01-20 08:04:02	Name: uu Value: d3c8352a9e7c441aadf3b2368aef320f
.adscale.de/	1970-01-20 08:04:02	Name: cct Value: 1639306032980
.advertising.com/	1970-01-20 08:08:48	Name: APID Value: UPdd3fba9c-5b38-11ec-b2c5-024703e8ab5a
.ih.adscale.de/	1970-01-20 08:04:02	Name: tu Value: 4#2691837754#42~6252154911019776553~455362~0~0
.casalemedia.com/	1970-01-20 08:07:22	Name: CMID Value: YbXTMUhnQGF9UuPaVjC6wAAA
.casalemedia.com/	1970-01-20 01:31:22	Name: CMPS Value: 5224
.360yield.com/	1970-01-20 01:31:22	Name: tuuid Value: a88bd8be-40f5-4995-be62-3994426f264a
.360yield.com/	1970-01-20 01:31:22	Name: tuuid_lu Value: 1639306033
.semasio.net/	1970-01-20 08:07:22	Name: SEUNCY Value: F262205602AF521B
ads.stickyadstv.com/	1970-01-20 00:48:10	Name: uid-bp-617 Value: 6252154911019776553
ads.stickyadstv.com/	1970-01-20 00:04:58	Name: UID Value: e646111e519bcc1de92ef47559fc8d3
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: c2bb7a57a18bee68df74733cba6176b
.eyeota.net/	1970-01-20 08:07:22	Name: mako_uid Value: 17dae40f7a4-7f70000010f53a5
.eyeota.net/	1970-01-19 23:21:46	Name: SERVERID Value: 21413~DM
.yahoo.com/	1970-01-20 08:07:43	Name: A3 Value: d=AQABBDHTtWECEJqphdmRSReppvJecqYvdn0FEgEBAQEkt2G_YQAAAAAA_eMAAA&S=AQAAAgGEnTJzBVuTT3uVhQP4qmQ
.exelator.com/	1970-01-20 02:14:34	Name: EE Value: "513d39a1ec0cc12b5aa2f0fcb669aa0f"
.bidswitch.net/	1970-01-20 08:07:22	Name: tuuid Value: 90695bd4-e477-42d7-8ac8-d3b57ffc8602
.bidswitch.net/	1970-01-20 08:07:22	Name: c Value: 1639306033
.yieldlab.net/	1970-01-20 08:07:22	Name: id Value: 798476cd-800f-4ef6-8780-4a4789db5699
.onaudience.com/	1970-01-20 08:07:22	Name: cookie Value: d14552d459cd3eba
cm.adsafety.net/	1970-01-20 08:07:22	Name: UID Value: CM12021121210b0cbbcdc98f37f22af6
.adsafety.net/	1970-01-20 08:07:22	Name: cm_uid Value: CM12021121210b0cbbcdc98f37f22af6
52.178.69.189/	1970-01-20 08:07:22	Name: idioma Value: es-mx
52.178.69.189/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ue254k31kueg2fwtnkn2gr3a
.analytics.yahoo.com/	1970-01-20 08:08:48	Name: IDSYNC Value: 1760~221m
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPdd3fba9c-5b38-11ec-b2c5-024703e8ab5a
.yahoo.com/	1970-01-19 23:23:12	Name: APIDTS Value: 1639306037
.casalemedia.com/	1970-01-20 01:31:22	Name: CMPRO Value: 1134
.casalemedia.com/	1970-01-19 23:23:12	Name: CMST Value: YbXTNWG10zUA
.casalemedia.com/	1970-01-20 08:07:22	Name: CMRUM3 Value: 6f61b5d33527606252154911019776553
.360yield.com/	1970-01-20 01:31:22	Name: um Value: !42,w-lHXfu35zcScOJ9fVpYaWVb66WEzW0Yl8Ui0klLVbjy,1640515632
.360yield.com/	1970-01-20 01:31:22	Name: umeh Value: !42,0,1701514037,-1
.exelator.com/	1970-01-20 02:14:34	Name: ud Value: "eJxrXxzq6XKLQcHU0DjF2DLRMDXZIDnZ0CjJNDHRKM0gLTnJzMwyMdEgbXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F77uuAACwgirF"
.crwdcntrl.net/	1970-01-20 05:50:31	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:50:31	Name: _cc_id Value: ebcff20d00a81c3ad42e86a322da3ff
.crwdcntrl.net/	1970-01-20 05:50:34	Name: _cc_cc Value: "ACZ4XmOQT01KTkszMkgxMEi0MEw2TkwxMUq1MEs0NjJKSTROS2MAgsStl01BNBQAAGhTC3Q%3D"
.crwdcntrl.net/	1970-01-20 05:50:34	Name: _cc_aud Value: "ABR4XmNgYGBI3HrZFEhBAQAavAIf"
.adnxs.com/	1970-01-20 01:31:22	Name: uuid2 Value: 1214088626216128084
.doubleclick.net/	1970-01-20 08:43:22	Name: IDE Value: AHWqTUnbT0vmrG_ZGB-hIyol9ZbHhbMsSvJFP2xu3o0WvW9e1wwlYxe8fXyL07yxgCI
.bidswitch.net/	1970-01-20 08:07:22	Name: tuuid_lu Value: 1639306037
.pubmatic.com/	1970-01-20 00:04:58	Name: KRTBCOOKIE_391 Value: 22924-6252154911019776553&KRTB&23263-6252154911019776553
.pubmatic.com/	1970-01-20 00:04:58	Name: PugT Value: 1639306037
.pubmatic.com/	1970-01-20 01:31:22	Name: PUBMDCID Value: 3
.krxd.net/	1970-01-20 03:40:58	Name: _kuid_ Value: OiUA7Z7U
tags.adsafety.net/	1970-01-20 08:07:22	Name: UID Value: 433833a3adb1b102882a2723a937bea3
tags.adsafety.net/	1970-01-20 08:07:22	Name: DID Value: 433833a3adb1b102882a2723a937bea3
tags.adsafety.net/	1970-01-20 08:07:22	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 08:07:22	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 00:04:58	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 08:07:22	Name: ct_uid Value: 433833a3adb1b102882a2723a937bea3
.adsafety.net/	1970-01-20 08:07:22	Name: ct_did Value: 433833a3adb1b102882a2723a937bea3
.adsafety.net/	1970-01-20 08:07:22	Name: ct_idt Value: 100
.agkn.com/	1970-01-20 08:07:22	Name: ab Value: 0001%3A%2BR91%2BUtANnHcWlB6xdf9sXkbhuTEy7%2B5
.1rx.io/	1970-01-20 08:07:22	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-020a1a48-6c92-4d72-b86e-89db9150294d-003%22%7D
.adfarm1.adition.com/	1970-01-20 01:31:22	Name: UserID1 Value: 7040765817077823638
cm.adsafety.net/	1970-01-20 08:07:22	Name: permanent Value: 1
.adnxs.com/	1970-01-20 01:31:22	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2In<gizMn!]tbPl1M66+q([OUezrC[OIrVQ8CtBN^EuRa]FJw_/#v'k9h3wbpRzqF1`*b`V^(PDH[
ads.smartstream.tv/	1970-01-20 08:07:22	Name: DID Value: 433833a3adb1b102882a2723a937bea3
ads.smartstream.tv/	1970-01-20 08:07:22	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 08:07:22	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 00:04:58	Name: cm_uid Value: CM12021121210b0cbbcdc98f37f22af6
.targeting.unrulymedia.com/	1970-01-20 08:07:22	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-020a1a48-6c92-4d72-b86e-89db9150294d-003%22%7D
.w55c.net/	1970-01-20 08:52:00	Name: wfivefivec Value: J4seeRV71MWmnX5
.w55c.net/	1970-01-20 00:04:58	Name: matchadform Value: 5
.mathtag.com/	1970-01-20 08:47:41	Name: uuid Value: e16861b5-d335-4400-98c9-654900b95c6f
.demdex.net/	1970-01-20 03:40:58	Name: demdex Value: 86725286188342488023858330356715416342
.id5-sync.com/	1970-01-19 23:21:46	Name: cf Value:
.id5-sync.com/	1970-01-19 23:21:46	Name: cip Value:
.id5-sync.com/	1970-01-19 23:21:46	Name: cnac Value:
.id5-sync.com/	1970-01-19 23:21:46	Name: car Value:
.id5-sync.com/	1970-01-19 23:21:46	Name: gdpr Value:
.id5-sync.com/	1970-01-19 23:21:46	Name: id5 Value: febf4e0f-d23d-419a-9f62-38faa64a0ab1#1639306024491#1
.id5-sync.com/	1970-01-19 23:21:46	Name: callback Value:
.dpm.demdex.net/	1970-01-20 03:40:58	Name: dpm Value: 86725286188342488023858330356715416342
.weborama.fr/	1970-01-20 08:53:26	Name: AFFICHE_W Value: SbJeXvh2CJ9J52
.adsrvr.org/	1970-01-20 08:07:22	Name: TDID Value: e64d32db-8133-4800-9480-11e69dcc1b02
.1dmp.io/	1970-01-20 08:07:22	Name: uid Value: e03700c2-5b38-11ec-a15e-901b0e8d6a9d
.bluekai.com/	1970-01-20 03:40:58	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 03:40:58	Name: bkpa Value: KJpEnXTLu5DlBMRt1nnwEnWN1p/N1MxNLEx6BeY6Bezl1pDNOQY5nyQl
.bluekai.com/	1970-01-20 03:40:58	Name: bku Value: aG/99eUE+VswNfxC
.adsrvr.org/	1970-01-20 08:07:22	Name: TDCPM Value: CAESFgoHc2VtYXNpbxILCPz6ncvZ2Z46EAUYBSABKAIyCwig4Pr379meOhAFOAE.
.tapad.com/	1970-01-20 00:48:10	Name: TapAd_TS Value: 1639306038006
.tapad.com/	1970-01-20 00:48:10	Name: TapAd_DID Value: b6f47f91-d66f-4d80-93b0-9dcda0232e4b
.3lift.com/	1970-01-20 01:31:22	Name: tluid Value: 7273500576984692402
cm.adsafety.net/	1970-01-20 08:07:22	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaOXNaVkgrcTZmT2phTkdDcDlYZUVCbDBDZmdDbEJWc2JhV1AzVWdiZVlUdzY2bGxOZ25JK2gxYXZETUZ1K2h2dThMVG9TTy9uWHU1aDlVRTIrWFBPNk02T1laTE1HOWNUYjdmY0JPNFBUK0ZyeCtEeWEzUGNsejNFdEREa0xidVBPTHRFNTloNWlDWkQ3QVM4MjZwMHZFMmY3RmxzQjQ3Mm54V25GY1NQWlRERmp4QzNaVjFyV0pkZjhYa29TK0NBTHBPOWNHWmtEL0tBdUp4VjF6cDZnYnlOWW5HU3JHdFVLVWJZbFFpODZGUlZVRm5oTGx6MC9kcUZmZGVJTFNHUVE1TE1TMGRzUmt6RW83a3NHUVFRdm1wVkU3RWNXTFMyVi9jYkhldXgrNG1YbjNVVExaMWNKYUdUakJKUG9ZTUN2aVhwMzFDVldlNXI4bmpjSS95bkNscmpUZjg0NGZ4Y1lRZzJKazU4ckZtOTNMdTRCclFuSnNocFFmbW5NNlZGb1NpTkxaVmtHZytId2NsNnM1QXNKVnUxT2kyMnRuOGphalpPM2FrZnZQUUhIRTZHeERzTm1PUzlZaXo3ZEE3VE1TMEtBbXFPeGJsd3hWTHhieWp6ZU1mUFFrRDRyTGN6d05SSk9iZ3BIaDdzSW50TUNEZVl0cFRUOHUwS1hjaFlzUGd2QTBTVW1taTNudEptVFNKaGlVa05QZ0NGWUI4eDIyQUFicG81eVBrbmdJYzhmdDIveDVMR1YvUmhGcGdPakVaTW05S25aaGxTRGxsT0p0R2lvcW9QcytTWlJma2MwdzVEZU1FOTRyekdNMFJRcmhRalN2YmUraXNUUm9PM3VWQWxXM3Q3TnlsenYzTktPbWlmZHBVZUJPRElxSm1nTHNlcHpaeVBRWGxIenM0VDB3ZWJhTWdQQklNdG9wVUh3UGFaR3prMS8zL2JvL2MraERSR3kwdWVucDlTWlRkaUFQRmVuaE9GSk12STFISHdqM1ZaUzEyRnluaEppL0JiWjVyVC95S09yWWFjblhYRUdBZDVtNVE0YjBGYWpCT0l1dXJMUHpTdU0reGlEekFtL0l6L1V4bG5NQk0yUlF4WHc9PQ%3D%3D
.tapad.com/	1970-01-20 00:48:10	Name: TapAd_3WAY_SYNCS Value:
.audrte.com/	1969-12-31 23:59:59	Name: arcki2 Value: 8glAOku7-qGSwutJ0V9mb4vYg!20210804!1639306038099
52.178.69.189/	1970-01-20 08:07:22	Name: cuota Value: ame

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://52.178.69.189/webappv2/ Message: Access to XMLHttpRequest at 'https://coderesbgonlinegeoip.azurewebsites.net/ips/currentRequestCountryIsoCode' from origin 'https://52.178.69.189' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://coderesbgonlinegeoip.azurewebsites.net/ips/currentRequestCountryIsoCode Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://52.178.69.189/webappv2/assets/img/banderas/Ico_null.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=6252154911019776553 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7040765817077823638 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://52.178.69.189/webappv2/undefined/cookie/renamekey Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://52.178.69.189/webappv2/assets/img/codereIcons/mlb-Fake2.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://52.178.69.189/webappv2/assets/img/codereIcons/NBA-Logo.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://52.178.69.189/webappv2/assets/img/banderas/Ico_null.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

52.178.69.189
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
analytics.twitter.com
api.adrtx.net
async-px.dynamicyield.com
az416426.vo.msecnd.net
beacon.krxd.net
c1.adform.net
cdn.dynamicyield.com
cdn.siftscience.com
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
coderesbgonlinegeoip.azurewebsites.net
connect.facebook.net
dc.services.visualstudio.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
global.ib-ibi.com
googleads.g.doubleclick.net
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loadm.exelator.com
m.codere.mx
maps.googleapis.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
ps.eyeota.net
px.dynamicyield.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
sdk.bluerbn.com
secure.adnxs.com
simage2.pubmatic.com
st.dynamicyield.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.1dmp.io
sync.1rx.io
sync.crwdcntrl.net
sync.targeting.unrulymedia.com
sync.teads.tv
t.co
t.paypal.com
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
wurfl.io
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
x.bidswitch.net
52.178.69.189
analytics.twitter.com
coderesbgonlinegeoip.azurewebsites.net
m.codere.mx
www.google.com
www.google.de
104.111.215.191
104.111.218.85
104.111.228.123
104.111.242.245
104.244.42.5
13.248.245.213
13.69.106.212
139.162.159.252
141.95.34.104
142.250.185.194
142.250.185.226
145.239.1.219
151.101.12.157
151.101.129.21
172.217.18.102
18.156.0.31
18.185.171.80
18.196.241.128
18.197.73.85
18.215.30.37
185.167.164.49
185.64.190.80
185.86.138.144
2.18.233.201
2.18.234.21
2.18.234.233
213.19.147.45
216.46.185.182
23.45.106.90
2600:9000:2057:4400:a:b89d:a6c0:93a1
2600:9000:211e:5000:1b:5138:8a40:93a1
2600:9000:211e:9a00:15:ad21:c740:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a02:6ea0:c700::4
2a03:2880:f02d:100:face:b00c:0:3
3.120.52.200
3.122.214.165
3.228.88.71
3.33.220.150
34.192.120.237
34.254.143.3
34.96.67.224
35.157.138.20
35.190.16.14
35.227.248.159
35.244.159.8
35.244.174.68
37.157.4.23
37.157.4.41
37.157.6.235
37.252.172.38
46.19.11.36
51.77.65.176
51.79.83.225
52.17.84.146
52.178.69.189
52.215.164.121
52.218.60.75
54.216.80.98
54.246.208.198
54.72.239.169
54.77.170.127
65.9.68.17
65.9.68.72
69.173.144.139
77.243.60.138
85.114.159.118
85.90.245.27
88.99.149.88
017b287a067478f63062a726402fa0254f1bca0ba5230f2455bddd4c27a7fed1
018aa6210daf54ce137be994ed62681bcdd5e2c95bc5e845307d82b10acdcff2
078316556d1ea20ac469d50ac1313f3837b5d00001e6cce069d3fb1a0c5e96c9
089202f18e9c1580f2aa469e222c7fe9e17fa2cff74a90dc7bb090deb8e841fe
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c326303cd19e4b47aedaf26bbebc3cd0e74d98a25aaac07e6ea0c35da2f7262
13d59c755b7999c0688322c1e0a0a3569d93986240abc3453e9790e3decaff35
144827495847f4660bc2ea7057312a482476b36c41b69677236233e57c7bc2eb
15c44532d14f5732b62a9550f529963642ced85d0ddb0f5d666e130832678390
1715cdf26ca2136bbe9a1f35231ae9da9cce287347760bc7bf08657dda132696
171f82db32b2d0e70ae5da3e0e0cf33cda45b528ad219d7501f46d557a2f57ed
25610af2a681615780b93b0ab2a942bf3dbae1a1e3a77aaac23a808dc4f36fca
2c6e2fcc60fb2f20cfe6e642ef9c2f9a65222d651a6caa69ff957a1571c6cea1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd96d87d7cbd92663a76f91720ee35f59c87650b8a6cdc68d4f5e25f3fe4f3c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
342fd946f0b7a3cb40f751de7d5663ad734633f298a6cf0a05da43b820d8ff28
347d36998120dc76ee8b3c81e6d0b4d85970cbe7daaba21f5ce0d92f7e391e2e
3497875fd7d7a181cf1427771ff1f51d044b9d047e66fa4650452485cae6b9a8
35c3816bf0e6c2920c86bc6666a31c733ab64d6da44a887e097ccaf98fd5a7a7
3a335f48dba26c8665cf96d8d6587648a7d74a652324595e12cb602bece8054c
442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781
4acc6ffbeeac5217951647f5579d8c99526c6757ff84a70a4ff1f32fbf17348b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
525613554b75b4e4ae46d2d47b7947482303a7069a3f53243ae7ecc6f19b2358
53151b27d3fe0aee685683cbe17655b3211283291e189219412694165053950e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555f7d873a25e41e062b201be206e39a267bbd230174dfcaee88df6271f83ef4
5e9e658617f47fb957890aff425253bb8e2470cd43d7647195410f6dbfe327dc
5ffdc7c4947e97285b6f602c1e3c267e9d7584869e9aac2d027261583144dc74
601b964b9f1303d26d370423a6cbc49c7fd810eb144f7c543da610a250788938
6504efc0b7a879c6ee4810e806d38268a1a93e1cd55ea524866e3fb8993c94b5
6aae819c1b31846aff8d4836f239bd3ea818e361fe1c65f339cf0cb5cd25baa0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d818c07d41a17e351229ad1546897a8203f71b5d0e9b6dc04c20794d28866ca
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
72f7b75ccde779498003d7e479a0927290260f49f54a9954331d813e1ddd5ad1
765110c2ed9df6800bace14e8a25e1eab733ff6b792266fbcbe3a34b6649da0b
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
7d45e2ab4be1548380de31f4f2852b08e66061527c30e99d616035470346093a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8804028fa95503768f3d5edb4c190c5dbcbb666c96bb4cf75a60c2365caf979c
889b55a9f68c3f0b1b423c124f4876639920d29a171098d4e42d120d401290d7
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
911cedca4de02342bd10e87598103fccdb14b5965a91a4b21a1310082e8f9076
9412347b2988903520c9a54acfb7896a43b0a24f4cefafa74448f49696b9bf28
96224d29d669f052ddbf10f7ae978be8196277af2a635044a851349373a4fa42
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bcff188db8ec82a13954ecad7f58c6164f4e7de1ed98323953aae652d35f612
9e6f33609bbfd590f439037e4ad52f327ef4b5bba38fc1fc67493f7773f3336f
9ebe7fdfb69275b8dab898dab1f9bb0bd4e48bca430a94f40e33adf0f462a8e7
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6892f0cee0da7485b556d1c9800783ce273450abc97bdeda2d9e58820280457
a6f338869efa1e9573804bb604b1f0a8443669c68cefc5751b42fd573b69c2bc
a883c576f0a6c8eb43ae40b920c3e6ae31d243c8a2553eeac046c5f6e8e7c8b6
aad719e933002a9369ff05922536e2c90f6f4e8782265673db40278d3c36554f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8f39bbfb75987ac0e4b233428007fb1063c1a3a27641cdbe89eff394a2f76f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0135004fdc69f1b5c44102e2e425abac06690d1f515dc1a14b178dafe73a077
c5669be856d4bfeac5bd35ed80b05fd7c6f79fbf945cbfdaaf051672dc534b1c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccdae600de4c15101319f0ce3f042b0158f0b69620e259ed58b264b7fc806659
cecfe69d35db01ddfe80a0a588d66eff5065aedb741e93ea54cb11e71c9d665e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1cdfb07d2469d9ed4652940f39e7ca37723d935b625cc8076a80af6d80e0154
d3b94efe0e7f70ed3777933248eea3ea68d854cfc563a687c579db964bed1784
d5cbe10cfb954e6d580525bd05536b21447ce29ab8a84e21da8a58b588190326
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dc37e04be47ca53f3512641e31ca7185072ef418e9e71f55cdc5226b33871b62
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd75dd48d58096c3b29f90fda6f9847adf540b1ea726a283613255f61f6a2fe2
dd8057c40279a8e2a700b33505dabe750104ab48cfefd963b58099bef2f5de28
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df470d9027c8e97a09e311ddc1dfc2f9d97c5477807c4804028ce92171eace31
e068e19a22dec330fd02d3bc330abc5e2247f7bafb0d6ad459e93f6b50c37c08
e3054c0e143214b2147cd9809186437dd1fe01cf1a3156b0f6434c0b883c77d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54dc882150059e158351a8880a563c5e590f14723a070d5ecec09c3220e4579
e57292ae344406b50df1318eaa4cc72694627ab32349f50aefac8b52f9bba4e9
e858b2bc1baec68ced485aab64e4032247fa5eaa0159a8ad46a5288cb8b8fafc
e8709c77954428f864a172ddd8e53de755ce08af9a1dc900774bbf02ffce82e0
ea163a676673e1dfa8f2a8052cf184d85bb122d17faecf44d439a7314c8374fa
eb279e8b153f95096eb59ab3b300a7e45ac70cdc6463fc10159d41665dac7f00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08baf4d0bf0a5f660c8c1d5bdf633f2d4a6f967d1fd496d13d7893fdcd7fc3e
f288f0603d9776a41f09bf392fd80b85838ed085c9e4e38b742f9022dc93a204
f2aed238145f30ec5ff2f43e6a1b133ae9106f8e4d1d27fb9f296f37d2fc5aaa
f2ca16184a18e96701a6bfe86b5233d7702c64f0594ca7d184c06bd79164ded4
f43a837b083eef50e5d8224315505eba3eedc6cea7ee3090029fbdc129fc850a
f965c409829dcdb36c9dfe56b7852bd972c120f200f8dcf404e95515553e7347
fda24fc83ac4bcef24e2e9458255391b531082973303b25ff7bdd81b8b9b78d4
fe2467cbe44c04abd3760449b8606a3f45deaa622ed4d69c8984d3428bb202c4

52.178.69.189 Open in urlscan Pro 52.178.69.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

163 Requests

41 %HTTPS

19 %IPv6

68 Domains

83 Subdomains

59 IPs

10 Countries

14891 kBTransfer

18493 kBSize

119 Cookies

11 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

52.178.69.189 Open in urlscan Pro
52.178.69.189 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

41 %
HTTPS

19 %
IPv6

68
Domains

83
Subdomains

59
IPs

10
Countries

14891 kB
Transfer

18493 kB
Size

119
Cookies

163 HTTP transactions
0 data transactions